
suttonsoft

  1. 11:44:41.0726 5740 TDSS rootkit removing tool 2.7.23.0 Mar 26 2012 13:40:18 11:44:43.0754 5740 ============================================================ 11:44:43.0754 5740 Current date / time: 2012/03/29 11:44:43.0754 11:44:43.0754 5740 SystemInfo: 11:44:43.0754 5740 11:44:43.0754 5740 OS Version: 6.1.7600 ServicePack: 0.0 11:44:43.0754 5740 Product type: Workstation 11:44:43.0754 5740 ComputerName: DANGER-PC 11:44:43.0754 5740 UserName: danger 11:44:43.0754 5740 Windows directory: C:\windows 11:44:43.0754 5740 System windows directory: C:\windows 11:44:43.0754 5740 Running under WOW64 11:44:43.0754 5740 Processor architecture: Intel x64 11:44:43.0754 5740 Number of processors: 2 11:44:43.0754 5740 Page size: 0x1000 11:44:43.0754 5740 Boot type: Normal boot 11:44:43.0754 5740 ============================================================ 11:44:44.0284 5740 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 11:44:44.0300 5740 \Device\Harddisk0\DR0: 11:44:44.0300 5740 MBR used 11:44:44.0300 5740 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x38B3B800 11:44:44.0347 5740 Initialize success 11:44:44.0347 5740 ============================================================ 11:45:26.0186 4512 ============================================================ 11:45:26.0186 4512 Scan started 11:45:26.0186 4512 Mode: Manual; SigCheck; TDLFS; 11:45:26.0186 4512 ============================================================ 11:45:26.0748 4512 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\windows\system32\DRIVERS\1394ohci.sys 11:45:26.0888 4512 1394ohci - ok 11:45:27.0013 4512 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\windows\system32\DRIVERS\ACPI.sys 11:45:27.0044 4512 ACPI - ok 11:45:27.0106 4512 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\windows\system32\DRIVERS\acpipmi.sys 11:45:27.0231 4512 AcpiPmi - ok 11:45:27.0340 
4512 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\DRIVERS\adp94xx.sys 11:45:27.0372 4512 adp94xx - ok 11:45:27.0465 4512 adpahci (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\DRIVERS\adpahci.sys 11:45:27.0496 4512 adpahci - ok 11:45:27.0559 4512 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\DRIVERS\adpu320.sys 11:45:27.0574 4512 adpu320 - ok 11:45:27.0637 4512 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\windows\System32\aelupsvc.dll 11:45:27.0746 4512 AeLookupSvc - ok 11:45:27.0855 4512 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\windows\system32\drivers\afd.sys 11:45:27.0933 4512 AFD - ok 11:45:28.0058 4512 AgereSoftModem (98022774d9930ecbb292e70db7601df6) C:\windows\system32\DRIVERS\agrsm64.sys 11:45:28.0152 4512 AgereSoftModem - ok 11:45:28.0261 4512 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\DRIVERS\agp440.sys 11:45:28.0292 4512 agp440 - ok 11:45:28.0323 4512 ALG (3290d6946b5e30e70414990574883ddb) C:\windows\System32\alg.exe 11:45:28.0370 4512 ALG - ok 11:45:28.0464 4512 aliide (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\DRIVERS\aliide.sys 11:45:28.0479 4512 aliide - ok 11:45:28.0604 4512 amdide (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\DRIVERS\amdide.sys 11:45:28.0620 4512 amdide - ok 11:45:28.0651 4512 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\DRIVERS\amdk8.sys 11:45:28.0682 4512 AmdK8 - ok 11:45:28.0776 4512 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\DRIVERS\amdppm.sys 11:45:28.0822 4512 AmdPPM - ok 11:45:28.0932 4512 amdsata (7a4b413614c055935567cf88a9734d38) C:\windows\system32\DRIVERS\amdsata.sys 11:45:28.0947 4512 amdsata - ok 11:45:28.0978 4512 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\DRIVERS\amdsbs.sys 11:45:28.0994 4512 amdsbs - ok 11:45:29.0119 4512 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\windows\system32\DRIVERS\amdxata.sys 11:45:29.0134 4512 amdxata - ok 11:45:29.0244 4512 AppID 
(42fd751b27fa0e9c69bb39f39e409594) C:\windows\system32\drivers\appid.sys 11:45:29.0322 4512 AppID - ok 11:45:29.0400 4512 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\windows\System32\appidsvc.dll 11:45:29.0462 4512 AppIDSvc - ok 11:45:29.0556 4512 Appinfo (d065be66822847b7f127d1f90158376e) C:\windows\System32\appinfo.dll 11:45:29.0634 4512 Appinfo - ok 11:45:29.0743 4512 arc (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\DRIVERS\arc.sys 11:45:29.0758 4512 arc - ok 11:45:29.0774 4512 arcsas (019af6924aefe7839f61c830227fe79c) C:\windows\system32\DRIVERS\arcsas.sys 11:45:29.0790 4512 arcsas - ok 11:45:29.0852 4512 AsyncMac (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys 11:45:29.0914 4512 AsyncMac - ok 11:45:29.0992 4512 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\DRIVERS\atapi.sys 11:45:30.0008 4512 atapi - ok 11:45:30.0086 4512 athr (e857eee6b92aaa473ebb3465add8f7e7) C:\windows\system32\DRIVERS\athrx.sys 11:45:30.0133 4512 athr - ok 11:45:30.0242 4512 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\windows\System32\Audiosrv.dll 11:45:30.0304 4512 AudioEndpointBuilder - ok 11:45:30.0336 4512 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\windows\System32\Audiosrv.dll 11:45:30.0382 4512 AudioSrv - ok 11:45:30.0445 4512 AVP - ok 11:45:30.0570 4512 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\windows\System32\AxInstSV.dll 11:45:30.0632 4512 AxInstSV - ok 11:45:30.0741 4512 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\windows\system32\DRIVERS\bxvbda.sys 11:45:30.0788 4512 b06bdrv - ok 11:45:30.0882 4512 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys 11:45:30.0928 4512 b57nd60a - ok 11:45:31.0022 4512 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\windows\System32\bdesvc.dll 11:45:31.0084 4512 BDESVC - ok 11:45:31.0178 4512 Beep (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys 11:45:31.0209 4512 Beep - ok 11:45:31.0318 4512 BFE 
(4992c609a6315671463e30f6512bc022) C:\windows\System32\bfe.dll 11:45:31.0396 4512 BFE - ok 11:45:31.0506 4512 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\windows\System32\qmgr.dll 11:45:31.0568 4512 BITS - ok 11:45:31.0677 4512 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys 11:45:31.0708 4512 blbdrive - ok 11:45:31.0802 4512 bowser (19d20159708e152267e53b66677a4995) C:\windows\system32\DRIVERS\bowser.sys 11:45:31.0864 4512 bowser - ok 11:45:31.0958 4512 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\DRIVERS\BrFiltLo.sys 11:45:32.0020 4512 BrFiltLo - ok 11:45:32.0052 4512 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\DRIVERS\BrFiltUp.sys 11:45:32.0083 4512 BrFiltUp - ok 11:45:32.0161 4512 Browser (94fbc06f294d58d02361918418f996e3) C:\windows\System32\browser.dll 11:45:32.0254 4512 Browser - ok 11:45:32.0317 4512 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys 11:45:32.0348 4512 Brserid - ok 11:45:32.0426 4512 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys 11:45:32.0473 4512 BrSerWdm - ok 11:45:32.0520 4512 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys 11:45:32.0566 4512 BrUsbMdm - ok 11:45:32.0629 4512 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys 11:45:32.0676 4512 BrUsbSer - ok 11:45:32.0800 4512 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\windows\system32\drivers\BthEnum.sys 11:45:32.0847 4512 BthEnum - ok 11:45:32.0878 4512 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\DRIVERS\bthmodem.sys 11:45:32.0941 4512 BTHMODEM - ok 11:45:33.0034 4512 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\windows\system32\DRIVERS\bthpan.sys 11:45:33.0081 4512 BthPan - ok 11:45:33.0222 4512 BTHPORT (21084ceb85280468c9aca3c805c0f8cf) C:\windows\System32\Drivers\BTHport.sys 11:45:33.0268 4512 BTHPORT - ok 11:45:33.0362 4512 bthserv 
(95f9c2976059462cbbf227f7aab10de9) C:\windows\system32\bthserv.dll 11:45:33.0456 4512 bthserv - ok 11:45:33.0565 4512 BTHUSB (8504842634dd144c075b6b0c982ccec4) C:\windows\System32\Drivers\BTHUSB.sys 11:45:33.0627 4512 BTHUSB - ok 11:45:33.0674 4512 cdfs (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys 11:45:33.0721 4512 cdfs - ok 11:45:33.0814 4512 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\windows\system32\DRIVERS\cdrom.sys 11:45:33.0877 4512 cdrom - ok 11:45:33.0986 4512 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\windows\System32\certprop.dll 11:45:34.0048 4512 CertPropSvc - ok 11:45:34.0126 4512 cfWiMAXService (837ff2d497880198c918e6954dbd170c) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe 11:45:34.0158 4512 cfWiMAXService - ok 11:45:34.0251 4512 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\DRIVERS\circlass.sys 11:45:34.0329 4512 circlass - ok 11:45:34.0392 4512 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys 11:45:34.0423 4512 CLFS - ok 11:45:34.0470 4512 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 11:45:34.0501 4512 clr_optimization_v2.0.50727_32 - ok 11:45:34.0548 4512 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 11:45:34.0563 4512 clr_optimization_v2.0.50727_64 - ok 11:45:34.0641 4512 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys 11:45:34.0688 4512 CmBatt - ok 11:45:34.0735 4512 cmdide (e19d3f095812725d88f9001985b94edd) C:\windows\system32\DRIVERS\cmdide.sys 11:45:34.0750 4512 cmdide - ok 11:45:34.0828 4512 CNG (937beb186a735aca91d717044a49d17e) C:\windows\system32\Drivers\cng.sys 11:45:34.0875 4512 CNG - ok 11:45:34.0969 4512 Compbatt (102de219c3f61415f964c88e9085ad14) C:\windows\system32\DRIVERS\compbatt.sys 11:45:34.0984 4512 Compbatt - ok 11:45:35.0031 4512 CompositeBus 
(f26b3a86f6fa87ca360b879581ab4123) C:\windows\system32\DRIVERS\CompositeBus.sys 11:45:35.0062 4512 CompositeBus - ok 11:45:35.0140 4512 COMSysApp - ok 11:45:35.0218 4512 ConfigFree Gadget Service (d252c53bcdfc199bba55eeb10cdb266e) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe 11:45:35.0234 4512 ConfigFree Gadget Service - ok 11:45:35.0265 4512 ConfigFree Service (cab0eeaf5295fc96ddd3e19dce27e131) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe 11:45:35.0281 4512 ConfigFree Service - ok 11:45:35.0359 4512 crcdisk (1c827878a998c18847245fe1f34ee597) C:\windows\system32\DRIVERS\crcdisk.sys 11:45:35.0374 4512 crcdisk - ok 11:45:35.0452 4512 CryptSvc (8c57411b66282c01533cb776f98ad384) C:\windows\system32\cryptsvc.dll 11:45:35.0530 4512 CryptSvc - ok 11:45:35.0608 4512 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\windows\system32\rpcss.dll 11:45:35.0686 4512 DcomLaunch - ok 11:45:35.0780 4512 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\windows\System32\defragsvc.dll 11:45:35.0842 4512 defragsvc - ok 11:45:35.0936 4512 DfsC (9c253ce7311ca60fc11c774692a13208) C:\windows\system32\Drivers\dfsc.sys 11:45:35.0998 4512 DfsC - ok 11:45:36.0076 4512 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\windows\system32\dhcpcore.dll 11:45:36.0186 4512 Dhcp - ok 11:45:36.0279 4512 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys 11:45:36.0342 4512 discache - ok 11:45:36.0388 4512 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\DRIVERS\disk.sys 11:45:36.0404 4512 Disk - ok 11:45:36.0482 4512 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\windows\System32\dnsrslvr.dll 11:45:36.0529 4512 Dnscache - ok 11:45:36.0576 4512 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\windows\System32\dot3svc.dll 11:45:36.0638 4512 dot3svc - ok 11:45:36.0747 4512 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\windows\system32\DRIVERS\Dot4.sys 11:45:36.0778 4512 Dot4 - ok 11:45:36.0903 4512 Dot4Print (85135ad27e79b689335c08167d917cde) 
C:\windows\system32\DRIVERS\Dot4Prt.sys 11:45:36.0934 4512 Dot4Print - ok 11:45:36.0950 4512 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\windows\system32\DRIVERS\dot4usb.sys 11:45:36.0981 4512 dot4usb - ok 11:45:37.0075 4512 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\windows\system32\dps.dll 11:45:37.0137 4512 DPS - ok 11:45:37.0231 4512 drmkaud (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys 11:45:37.0278 4512 drmkaud - ok 11:45:37.0324 4512 DXGKrnl (ebce0b0924835f635f620d19f0529dce) C:\windows\System32\drivers\dxgkrnl.sys 11:45:37.0356 4512 DXGKrnl - ok 11:45:37.0449 4512 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\windows\System32\eapsvc.dll 11:45:37.0496 4512 EapHost - ok 11:45:37.0605 4512 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\DRIVERS\evbda.sys 11:45:37.0730 4512 ebdrv - ok 11:45:37.0839 4512 EFS (156f6159457d0aa7e59b62681b56eb90) C:\windows\System32\lsass.exe 11:45:37.0902 4512 EFS - ok 11:45:37.0964 4512 ehRecvr (b91d81b3b54a54ccafc03733dbc2e29e) C:\windows\ehome\ehRecvr.exe 11:45:38.0058 4512 ehRecvr - ok 11:45:38.0136 4512 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\windows\ehome\ehsched.exe 11:45:38.0182 4512 ehSched - ok 11:45:38.0245 4512 elxstor (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\DRIVERS\elxstor.sys 11:45:38.0276 4512 elxstor - ok 11:45:38.0354 4512 ErrDev (34a3c54752046e79a126e15c51db409b) C:\windows\system32\DRIVERS\errdev.sys 11:45:38.0416 4512 ErrDev - ok 11:45:38.0541 4512 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\windows\system32\es.dll 11:45:38.0635 4512 EventSystem - ok 11:45:38.0682 4512 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys 11:45:38.0744 4512 exfat - ok 11:45:38.0822 4512 fastfat (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys 11:45:38.0916 4512 fastfat - ok 11:45:39.0009 4512 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\windows\system32\fxssvc.exe 11:45:39.0072 4512 Fax - ok 11:45:39.0165 4512 
fdc (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\DRIVERS\fdc.sys 11:45:39.0228 4512 fdc - ok 11:45:39.0321 4512 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\windows\system32\fdPHost.dll 11:45:39.0368 4512 fdPHost - ok 11:45:39.0399 4512 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\windows\system32\fdrespub.dll 11:45:39.0462 4512 FDResPub - ok 11:45:39.0524 4512 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys 11:45:39.0555 4512 FileInfo - ok 11:45:39.0602 4512 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys 11:45:39.0664 4512 Filetrace - ok 11:45:39.0727 4512 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\DRIVERS\flpydisk.sys 11:45:39.0774 4512 flpydisk - ok 11:45:39.0883 4512 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\windows\system32\drivers\fltmgr.sys 11:45:39.0898 4512 FltMgr - ok 11:45:39.0945 4512 FontCache (8ac4cb4ea61e41009fae9ae7b2b5da3a) C:\windows\system32\FntCache.dll 11:45:40.0023 4512 FontCache - ok 11:45:40.0117 4512 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 11:45:40.0132 4512 FontCache3.0.0.0 - ok 11:45:40.0195 4512 FsDepends (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys 11:45:40.0210 4512 FsDepends - ok 11:45:40.0304 4512 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\windows\system32\drivers\Fs_Rec.sys 11:45:40.0320 4512 Fs_Rec - ok 11:45:40.0351 4512 fvevol (b8b2a6e1558f8f5de5ce431c5b2c7b09) C:\windows\system32\DRIVERS\fvevol.sys 11:45:40.0366 4512 fvevol - ok 11:45:40.0444 4512 FwLnk (60acb128e64c35c2b4e4aab1b0a5c293) C:\windows\system32\DRIVERS\FwLnk.sys 11:45:40.0507 4512 FwLnk - ok 11:45:40.0600 4512 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\DRIVERS\gagp30kx.sys 11:45:40.0616 4512 gagp30kx - ok 11:45:40.0694 4512 GameConsoleService (c44d560e441f091ea3b72f778ec60de2) C:\Program Files (x86)\TOSHIBA 
Games\TOSHIBA Game Console\GameConsoleService.exe 11:45:40.0725 4512 GameConsoleService - ok 11:45:40.0803 4512 GoogleDesktopManager-051210-111108 (9f5f2f0fb0a7f5aa9f16b9a7b6dad89f) C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe 11:45:40.0819 4512 GoogleDesktopManager-051210-111108 - ok 11:45:40.0928 4512 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\windows\System32\gpsvc.dll 11:45:40.0975 4512 gpsvc - ok 11:45:41.0084 4512 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 11:45:41.0100 4512 gupdate - ok 11:45:41.0146 4512 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 11:45:41.0162 4512 gupdatem - ok 11:45:41.0240 4512 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 11:45:41.0271 4512 gusvc - ok 11:45:41.0349 4512 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys 11:45:41.0380 4512 hcw85cir - ok 11:45:41.0412 4512 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\windows\system32\drivers\HdAudio.sys 11:45:41.0458 4512 HdAudAddService - ok 11:45:41.0536 4512 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\windows\system32\DRIVERS\HDAudBus.sys 11:45:41.0568 4512 HDAudBus - ok 11:45:41.0599 4512 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\DRIVERS\HidBatt.sys 11:45:41.0630 4512 HidBatt - ok 11:45:41.0708 4512 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\DRIVERS\hidbth.sys 11:45:41.0755 4512 HidBth - ok 11:45:41.0786 4512 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\DRIVERS\hidir.sys 11:45:41.0802 4512 HidIr - ok 11:45:41.0895 4512 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\windows\system32\hidserv.dll 11:45:41.0973 4512 hidserv - ok 11:45:42.0051 4512 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\windows\system32\DRIVERS\hidusb.sys 11:45:42.0082 4512 HidUsb - ok 11:45:42.0114 4512 hkmsvc 
(efa58ede58dd74388ffd04cb32681518) C:\windows\system32\kmsvc.dll 11:45:42.0192 4512 hkmsvc - ok 11:45:42.0285 4512 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\windows\system32\ListSvc.dll 11:45:42.0363 4512 HomeGroupListener - ok 11:45:42.0441 4512 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\windows\system32\provsvc.dll 11:45:42.0488 4512 HomeGroupProvider - ok 11:45:42.0535 4512 HpSAMD (0886d440058f203eba0e1825e4355914) C:\windows\system32\DRIVERS\HpSAMD.sys 11:45:42.0550 4512 HpSAMD - ok 11:45:42.0660 4512 HPSLPSVC (7f57926169c1b8aba9274ea7d4b70f18) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL 11:45:42.0691 4512 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning 11:45:42.0691 4512 HPSLPSVC - detected UnsignedFile.Multi.Generic (1) 11:45:42.0816 4512 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\windows\system32\drivers\HTTP.sys 11:45:42.0878 4512 HTTP - ok 11:45:42.0987 4512 hwpolicy (f17766a19145f111856378df337a5d79) C:\windows\system32\drivers\hwpolicy.sys 11:45:43.0003 4512 hwpolicy - ok 11:45:43.0018 4512 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\DRIVERS\i8042prt.sys 11:45:43.0034 4512 i8042prt - ok 11:45:43.0143 4512 iaStor (bbb3b6df1abb0fe35802ede85cc1c011) C:\windows\system32\DRIVERS\iaStor.sys 11:45:43.0174 4512 iaStor - ok 11:45:43.0299 4512 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\windows\system32\DRIVERS\iaStorV.sys 11:45:43.0330 4512 iaStorV - ok 11:45:43.0408 4512 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 11:45:43.0440 4512 idsvc - ok 11:45:43.0674 4512 igfx (3c3f27002abc69c5afe29cbe6cf7addf) C:\windows\system32\DRIVERS\igdkmd64.sys 11:45:43.0939 4512 igfx - ok 11:45:44.0048 4512 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\DRIVERS\iirsp.sys 11:45:44.0064 4512 iirsp - ok 11:45:44.0126 4512 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\windows\System32\ikeext.dll 11:45:44.0173 4512 IKEEXT 
- ok 11:45:44.0298 4512 IntcAzAudAddService (0c3cf4b3bae28e121a1689e3538f8712) C:\windows\system32\drivers\RTKVHD64.sys 11:45:44.0344 4512 IntcAzAudAddService - ok 11:45:44.0454 4512 IntcHdmiAddService (88a20fa54c73ded4e8dac764e9130ae9) C:\windows\system32\drivers\IntcHdmi.sys 11:45:44.0500 4512 IntcHdmiAddService - ok 11:45:44.0594 4512 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\DRIVERS\intelide.sys 11:45:44.0610 4512 intelide - ok 11:45:44.0641 4512 intelppm (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys 11:45:44.0672 4512 intelppm - ok 11:45:44.0766 4512 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\windows\system32\ipbusenum.dll 11:45:44.0828 4512 IPBusEnum - ok 11:45:44.0875 4512 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\windows\system32\DRIVERS\ipfltdrv.sys 11:45:44.0953 4512 IpFilterDriver - ok 11:45:45.0046 4512 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\windows\System32\iphlpsvc.dll 11:45:45.0140 4512 iphlpsvc - ok 11:45:45.0234 4512 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\windows\system32\DRIVERS\IPMIDrv.sys 11:45:45.0265 4512 IPMIDRV - ok 11:45:45.0296 4512 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys 11:45:45.0358 4512 IPNAT - ok 11:45:45.0452 4512 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys 11:45:45.0499 4512 IRENUM - ok 11:45:45.0608 4512 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\DRIVERS\isapnp.sys 11:45:45.0639 4512 isapnp - ok 11:45:45.0655 4512 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\windows\system32\DRIVERS\msiscsi.sys 11:45:45.0670 4512 iScsiPrt - ok 11:45:45.0686 4512 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\DRIVERS\kbdclass.sys 11:45:45.0702 4512 kbdclass - ok 11:45:45.0795 4512 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\windows\system32\DRIVERS\kbdhid.sys 11:45:45.0826 4512 kbdhid - ok 11:45:45.0873 4512 KeyIso (156f6159457d0aa7e59b62681b56eb90) 
C:\windows\system32\lsass.exe 11:45:45.0889 4512 KeyIso - ok 11:45:45.0982 4512 kl1 (8d7120743a0973ceab548b475c9d4289) C:\windows\system32\DRIVERS\kl1.sys 11:45:45.0998 4512 kl1 - ok 11:45:46.0092 4512 kl2 (cd146d8e525d6eebdcaf24120a8ab9ce) C:\windows\system32\DRIVERS\kl2.sys 11:45:46.0107 4512 kl2 - ok 11:45:46.0154 4512 KLIF (177505577604c94c4be7b9316a90ada1) C:\windows\system32\DRIVERS\klif.sys 11:45:46.0170 4512 KLIF - ok 11:45:46.0263 4512 KLIM6 (2a64b3a9eed93a2e96537b67c079fc96) C:\windows\system32\DRIVERS\klim6.sys 11:45:46.0279 4512 KLIM6 - ok 11:45:46.0341 4512 klmouflt (9468d07e91ba136d82415f5dfc1fe168) C:\windows\system32\DRIVERS\klmouflt.sys 11:45:46.0357 4512 klmouflt - ok 11:45:46.0466 4512 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\windows\system32\Drivers\ksecdd.sys 11:45:46.0497 4512 KSecDD - ok 11:45:46.0544 4512 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\windows\system32\Drivers\ksecpkg.sys 11:45:46.0575 4512 KSecPkg - ok 11:45:46.0669 4512 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys 11:45:46.0747 4512 ksthunk - ok 11:45:46.0825 4512 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\windows\system32\msdtckrm.dll 11:45:46.0887 4512 KtmRm - ok 11:45:46.0950 4512 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\windows\system32\srvsvc.dll 11:45:47.0012 4512 LanmanServer - ok 11:45:47.0090 4512 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\windows\System32\wkssvc.dll 11:45:47.0168 4512 LanmanWorkstation - ok 11:45:47.0230 4512 lltdio (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys 11:45:47.0308 4512 lltdio - ok 11:45:47.0402 4512 lltdsvc (c1185803384ab3feed115f79f109427f) C:\windows\System32\lltdsvc.dll 11:45:47.0480 4512 lltdsvc - ok 11:45:47.0511 4512 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\windows\System32\lmhsvc.dll 11:45:47.0558 4512 lmhosts - ok 11:45:47.0620 4512 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\DRIVERS\lsi_fc.sys 11:45:47.0636 4512 
LSI_FC - ok 11:45:47.0683 4512 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\DRIVERS\lsi_sas.sys 11:45:47.0714 4512 LSI_SAS - ok 11:45:47.0776 4512 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\DRIVERS\lsi_sas2.sys 11:45:47.0792 4512 LSI_SAS2 - ok 11:45:47.0870 4512 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\DRIVERS\lsi_scsi.sys 11:45:47.0886 4512 LSI_SCSI - ok 11:45:47.0917 4512 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys 11:45:47.0964 4512 luafv - ok 11:45:48.0057 4512 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\windows\system32\Mcx2Svc.dll 11:45:48.0120 4512 Mcx2Svc - ok 11:45:48.0198 4512 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\DRIVERS\megasas.sys 11:45:48.0229 4512 megasas - ok 11:45:48.0260 4512 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\DRIVERS\MegaSR.sys 11:45:48.0276 4512 MegaSR - ok 11:45:48.0369 4512 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll 11:45:48.0447 4512 MMCSS - ok 11:45:48.0478 4512 Modem (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys 11:45:48.0541 4512 Modem - ok 11:45:48.0619 4512 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys 11:45:48.0666 4512 monitor - ok 11:45:48.0775 4512 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\DRIVERS\mouclass.sys 11:45:48.0790 4512 mouclass - ok 11:45:48.0822 4512 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys 11:45:48.0853 4512 mouhid - ok 11:45:48.0946 4512 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\windows\system32\drivers\mountmgr.sys 11:45:48.0962 4512 mountmgr - ok 11:45:48.0993 4512 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\windows\system32\DRIVERS\mpio.sys 11:45:49.0009 4512 mpio - ok 11:45:49.0102 4512 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys 11:45:49.0165 4512 mpsdrv - ok 11:45:49.0243 
4512 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\windows\system32\mpssvc.dll 11:45:49.0305 4512 MpsSvc - ok 11:45:49.0414 4512 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\windows\system32\drivers\mrxdav.sys 11:45:49.0461 4512 MRxDAV - ok 11:45:49.0508 4512 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\windows\system32\DRIVERS\mrxsmb.sys 11:45:49.0524 4512 mrxsmb - ok 11:45:49.0633 4512 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\windows\system32\DRIVERS\mrxsmb10.sys 11:45:49.0664 4512 mrxsmb10 - ok 11:45:49.0711 4512 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\windows\system32\DRIVERS\mrxsmb20.sys 11:45:49.0742 4512 mrxsmb20 - ok 11:45:49.0836 4512 msahci (5c37497276e3b3a5488b23a326a754b7) C:\windows\system32\DRIVERS\msahci.sys 11:45:49.0867 4512 msahci - ok 11:45:49.0882 4512 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\windows\system32\DRIVERS\msdsm.sys 11:45:49.0898 4512 msdsm - ok 11:45:49.0945 4512 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe 11:45:49.0976 4512 MSDTC - ok 11:45:50.0070 4512 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys 11:45:50.0132 4512 Msfs - ok 11:45:50.0148 4512 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys 11:45:50.0210 4512 mshidkmdf - ok 11:45:50.0288 4512 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\DRIVERS\msisadrv.sys 11:45:50.0304 4512 msisadrv - ok 11:45:50.0350 4512 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll 11:45:50.0413 4512 MSiSCSI - ok 11:45:50.0460 4512 msiserver - ok 11:45:50.0569 4512 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys 11:45:50.0616 4512 MSKSSRV - ok 11:45:50.0631 4512 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys 11:45:50.0678 4512 MSPCLOCK - ok 11:45:50.0772 4512 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys 11:45:50.0850 4512 MSPQM - ok 11:45:50.0881 
4512 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\windows\system32\drivers\MsRPC.sys 11:45:50.0896 4512 MsRPC - ok 11:45:50.0990 4512 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\DRIVERS\mssmbios.sys 11:45:51.0006 4512 mssmbios - ok 11:45:51.0115 4512 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys 11:45:51.0177 4512 MSTEE - ok 11:45:51.0208 4512 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys 11:45:51.0240 4512 MTConfig - ok 11:45:51.0333 4512 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys 11:45:51.0364 4512 Mup - ok 11:45:51.0396 4512 napagent (4987e079a4530fa737a128be54b63b12) C:\windows\system32\qagentRT.dll 11:45:51.0489 4512 napagent - ok 11:45:51.0598 4512 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys 11:45:51.0645 4512 NativeWifiP - ok 11:45:51.0770 4512 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\windows\system32\drivers\ndis.sys 11:45:51.0801 4512 NDIS - ok 11:45:51.0895 4512 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys 11:45:51.0957 4512 NdisCap - ok 11:45:52.0051 4512 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys 11:45:52.0098 4512 NdisTapi - ok 11:45:52.0191 4512 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\windows\system32\DRIVERS\ndisuio.sys 11:45:52.0254 4512 Ndisuio - ok 11:45:52.0269 4512 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\windows\system32\DRIVERS\ndiswan.sys 11:45:52.0316 4512 NdisWan - ok 11:45:52.0394 4512 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\windows\system32\drivers\NDProxy.sys 11:45:52.0441 4512 NDProxy - ok 11:45:52.0488 4512 Net Driver HPZ12 (d5ac41ae382738483faffbd7e373d49a) C:\Windows\system32\HPZinw12.dll 11:45:52.0503 4512 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 11:45:52.0503 4512 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 11:45:52.0597 4512 NetBIOS 
(86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys 11:45:52.0675 4512 NetBIOS - ok 11:45:52.0706 4512 NetBT (9162b273a44ab9dce5b44362731d062a) C:\windows\system32\DRIVERS\netbt.sys 11:45:52.0753 4512 NetBT - ok 11:45:52.0846 4512 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\windows\system32\lsass.exe 11:45:52.0878 4512 Netlogon - ok 11:45:52.0924 4512 Netman (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll 11:45:53.0018 4512 Netman - ok 11:45:53.0080 4512 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll 11:45:53.0158 4512 netprofm - ok 11:45:53.0236 4512 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 11:45:53.0268 4512 NetTcpPortSharing - ok 11:45:53.0330 4512 nfrd960 (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys 11:45:53.0346 4512 nfrd960 - ok 11:45:53.0408 4512 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\windows\System32\nlasvc.dll 11:45:53.0486 4512 NlaSvc - ok 11:45:53.0548 4512 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys 11:45:53.0611 4512 Npfs - ok 11:45:53.0658 4512 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll 11:45:53.0736 4512 nsi - ok 11:45:53.0798 4512 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys 11:45:53.0876 4512 nsiproxy - ok 11:45:53.0970 4512 Ntfs (356698a13c4630d5b31c37378d469196) C:\windows\system32\drivers\Ntfs.sys 11:45:54.0032 4512 Ntfs - ok 11:45:54.0110 4512 Null (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys 11:45:54.0204 4512 Null - ok 11:45:54.0297 4512 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\windows\system32\DRIVERS\nvraid.sys 11:45:54.0328 4512 nvraid - ok 11:45:54.0344 4512 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\windows\system32\DRIVERS\nvstor.sys 11:45:54.0360 4512 nvstor - ok 11:45:54.0469 4512 nv_agp 
(270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\DRIVERS\nv_agp.sys 11:45:54.0500 4512 nv_agp - ok 11:45:54.0594 4512 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 11:45:54.0625 4512 odserv - ok 11:45:54.0718 4512 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\DRIVERS\ohci1394.sys 11:45:54.0765 4512 ohci1394 - ok 11:45:54.0843 4512 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 11:45:54.0874 4512 ose - ok 11:45:54.0968 4512 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll 11:45:55.0015 4512 p2pimsvc - ok 11:45:55.0108 4512 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll 11:45:55.0140 4512 p2psvc - ok 11:45:55.0233 4512 Parport (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys 11:45:55.0249 4512 Parport - ok 11:45:55.0280 4512 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\windows\system32\drivers\partmgr.sys 11:45:55.0296 4512 partmgr - ok 11:45:55.0374 4512 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll 11:45:55.0405 4512 PcaSvc - ok 11:45:55.0467 4512 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\windows\system32\DRIVERS\pci.sys 11:45:55.0483 4512 pci - ok 11:45:55.0561 4512 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\DRIVERS\pciide.sys 11:45:55.0576 4512 pciide - ok 11:45:55.0608 4512 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys 11:45:55.0623 4512 pcmcia - ok 11:45:55.0654 4512 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys 11:45:55.0670 4512 pcw - ok 11:45:55.0764 4512 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys 11:45:55.0842 4512 PEAUTH - ok 11:45:55.0920 4512 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe 11:45:55.0982 4512 PerfHost - ok 11:45:56.0076 4512 
PGEffect (663962900e7fea522126ba287715bb4a) C:\windows\system32\DRIVERS\pgeffect.sys 11:45:56.0091 4512 PGEffect - ok 11:45:56.0169 4512 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\windows\system32\pla.dll 11:45:56.0278 4512 pla - ok 11:45:56.0403 4512 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\windows\system32\umpnpmgr.dll 11:45:56.0450 4512 PlugPlay - ok 11:45:56.0590 4512 Pml Driver HPZ12 (37f6046cdc630442d7dc087501ff6fc6) C:\Windows\system32\HPZipm12.dll 11:45:56.0622 4512 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 11:45:56.0622 4512 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 11:45:56.0668 4512 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll 11:45:56.0715 4512 PNRPAutoReg - ok 11:45:56.0778 4512 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll 11:45:56.0824 4512 PNRPsvc - ok 11:45:56.0887 4512 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\windows\System32\ipsecsvc.dll 11:45:56.0980 4512 PolicyAgent - ok 11:45:57.0074 4512 Power (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll 11:45:57.0152 4512 Power - ok 11:45:57.0246 4512 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\windows\system32\DRIVERS\raspptp.sys 11:45:57.0308 4512 PptpMiniport - ok 11:45:57.0324 4512 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys 11:45:57.0355 4512 Processor - ok 11:45:57.0464 4512 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\windows\system32\profsvc.dll 11:45:57.0558 4512 ProfSvc - ok 11:45:57.0604 4512 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\windows\system32\lsass.exe 11:45:57.0620 4512 ProtectedStorage - ok 11:45:57.0698 4512 Psched (ee992183bd8eaefd9973f352e587a299) C:\windows\system32\DRIVERS\pacer.sys 11:45:57.0760 4512 Psched - ok 11:45:57.0838 4512 PxHlpa64 (46851bc18322da70f3f2299a1007c479) C:\windows\system32\Drivers\PxHlpa64.sys 11:45:57.0854 4512 PxHlpa64 - ok 11:45:57.0948 4512 QBCFMonitorService 
(0a2c21b3168f2efc3468b35ff5508cea) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe 11:45:57.0948 4512 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - warning 11:45:57.0948 4512 QBCFMonitorService - detected UnsignedFile.Multi.Generic (1) 11:45:58.0041 4512 QBFCService (bab30d2799754f6ea22f0b9076311793) C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe 11:45:58.0057 4512 QBFCService ( UnsignedFile.Multi.Generic ) - warning 11:45:58.0057 4512 QBFCService - detected UnsignedFile.Multi.Generic (1) 11:45:58.0197 4512 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys 11:45:58.0244 4512 ql2300 - ok 11:45:58.0338 4512 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys 11:45:58.0353 4512 ql40xx - ok 11:45:58.0400 4512 QWAVE (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll 11:45:58.0431 4512 QWAVE - ok 11:45:58.0540 4512 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys 11:45:58.0603 4512 QWAVEdrv - ok 11:45:58.0634 4512 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys 11:45:58.0681 4512 RasAcd - ok 11:45:58.0774 4512 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys 11:45:58.0837 4512 RasAgileVpn - ok 11:45:58.0868 4512 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll 11:45:58.0915 4512 RasAuto - ok 11:45:59.0008 4512 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\windows\system32\DRIVERS\rasl2tp.sys 11:45:59.0086 4512 Rasl2tp - ok 11:45:59.0149 4512 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\windows\System32\rasmans.dll 11:45:59.0211 4512 RasMan - ok 11:45:59.0320 4512 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys 11:45:59.0414 4512 RasPppoe - ok 11:45:59.0445 4512 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys 11:45:59.0492 
4512 RasSstp - ok 11:45:59.0586 4512 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\windows\system32\DRIVERS\rdbss.sys 11:45:59.0648 4512 rdbss - ok 11:45:59.0664 4512 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys 11:45:59.0695 4512 rdpbus - ok 11:45:59.0773 4512 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys 11:45:59.0820 4512 RDPCDD - ok 11:45:59.0851 4512 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys 11:45:59.0913 4512 RDPENCDD - ok 11:46:00.0007 4512 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys 11:46:00.0054 4512 RDPREFMP - ok 11:46:00.0100 4512 RDPWD (074ac702d8b8b660b0e1371555995386) C:\windows\system32\drivers\RDPWD.sys 11:46:00.0132 4512 RDPWD - ok 11:46:00.0225 4512 rdyboost (634b9a2181d98f15941236886164ec8b) C:\windows\system32\drivers\rdyboost.sys 11:46:00.0256 4512 rdyboost - ok 11:46:00.0288 4512 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll 11:46:00.0334 4512 RemoteAccess - ok 11:46:00.0412 4512 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll 11:46:00.0490 4512 RemoteRegistry - ok 11:46:00.0600 4512 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\windows\system32\DRIVERS\rfcomm.sys 11:46:00.0662 4512 RFCOMM - ok 11:46:00.0756 4512 rimspci (e20b1907fc72a3664ece21e3c20fc63d) C:\windows\system32\DRIVERS\rimspe64.sys 11:46:00.0802 4512 rimspci - ok 11:46:00.0896 4512 risdpcie (7dda2e5cf452dad24b1be704225c18ee) C:\windows\system32\DRIVERS\risdpe64.sys 11:46:00.0927 4512 risdpcie - ok 11:46:01.0021 4512 rixdpcie (6a1cd4674505e6791390a1ab71da1fbe) C:\windows\system32\DRIVERS\rixdpe64.sys 11:46:01.0083 4512 rixdpcie - ok 11:46:01.0177 4512 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll 11:46:01.0239 4512 RpcEptMapper - ok 11:46:01.0270 4512 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe 
11:46:01.0302 4512 RpcLocator - ok 11:46:01.0380 4512 RpcSs (7266972e86890e2b30c0c322e906b027) C:\windows\system32\rpcss.dll 11:46:01.0426 4512 RpcSs - ok 11:46:01.0536 4512 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys 11:46:01.0582 4512 rspndr - ok 11:46:01.0676 4512 RTL8167 (f65f171165fbb613f7aa3cc78e8cab42) C:\windows\system32\DRIVERS\Rt64win7.sys 11:46:01.0738 4512 RTL8167 - ok 11:46:01.0863 4512 rtl8192se (7cd14bf5b42931fb80bee5d3e6ba7089) C:\windows\system32\DRIVERS\rtl8192se.sys 11:46:01.0910 4512 rtl8192se - ok 11:46:02.0004 4512 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\windows\system32\lsass.exe 11:46:02.0035 4512 SamSs - ok 11:46:02.0097 4512 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\windows\system32\DRIVERS\sbp2port.sys 11:46:02.0128 4512 sbp2port - ok 11:46:02.0175 4512 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll 11:46:02.0222 4512 SCardSvr - ok 11:46:02.0300 4512 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\windows\system32\DRIVERS\scfilter.sys 11:46:02.0362 4512 scfilter - ok 11:46:02.0472 4512 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\windows\system32\schedsvc.dll 11:46:02.0534 4512 Schedule - ok 11:46:02.0628 4512 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\windows\System32\certprop.dll 11:46:02.0674 4512 SCPolicySvc - ok 11:46:02.0737 4512 sdbus (54e47ad086782d3ae9417c155cdceb9b) C:\windows\system32\DRIVERS\sdbus.sys 11:46:02.0784 4512 sdbus - ok 11:46:02.0846 4512 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\windows\System32\SDRSVC.dll 11:46:02.0908 4512 SDRSVC - ok 11:46:03.0018 4512 SeaPort (4a5809a1d796e2675ac0332bf7b0cb11) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 11:46:03.0049 4512 SeaPort - ok 11:46:03.0142 4512 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys 11:46:03.0189 4512 secdrv - ok 11:46:03.0220 4512 seclogon (463b386ebc70f98da5dff85f7e654346) C:\windows\system32\seclogon.dll 
11:46:03.0283 4512 seclogon - ok 11:46:03.0361 4512 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll 11:46:03.0423 4512 SENS - ok 11:46:03.0454 4512 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll 11:46:03.0501 4512 SensrSvc - ok 11:46:03.0564 4512 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys 11:46:03.0626 4512 Serenum - ok 11:46:03.0673 4512 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys 11:46:03.0704 4512 Serial - ok 11:46:03.0766 4512 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys 11:46:03.0813 4512 sermouse - ok 11:46:03.0907 4512 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\windows\system32\sessenv.dll 11:46:03.0938 4512 SessionEnv - ok 11:46:04.0000 4512 sffdisk (a554811bcd09279536440c964ae35bbf) C:\windows\system32\DRIVERS\sffdisk.sys 11:46:04.0047 4512 sffdisk - ok 11:46:04.0078 4512 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\DRIVERS\sffp_mmc.sys 11:46:04.0125 4512 sffp_mmc - ok 11:46:04.0203 4512 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\windows\system32\DRIVERS\sffp_sd.sys 11:46:04.0234 4512 sffp_sd - ok 11:46:04.0281 4512 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys 11:46:04.0312 4512 sfloppy - ok 11:46:04.0375 4512 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\windows\System32\ipnathlp.dll 11:46:04.0468 4512 SharedAccess - ok 11:46:04.0515 4512 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\windows\System32\shsvcs.dll 11:46:04.0546 4512 ShellHWDetection - ok 11:46:04.0593 4512 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys 11:46:04.0624 4512 SiSRaid2 - ok 11:46:04.0656 4512 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys 11:46:04.0671 4512 SiSRaid4 - ok 11:46:04.0687 4512 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys 
11:46:04.0749 4512 Smb - ok 11:46:04.0812 4512 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe 11:46:04.0858 4512 SNMPTRAP - ok 11:46:04.0921 4512 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys 11:46:04.0936 4512 spldr - ok 11:46:05.0014 4512 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\windows\System32\spoolsv.exe 11:46:05.0061 4512 Spooler - ok 11:46:05.0233 4512 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\windows\system32\sppsvc.exe 11:46:05.0295 4512 sppsvc - ok 11:46:05.0389 4512 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll 11:46:05.0467 4512 sppuinotify - ok 11:46:05.0607 4512 sptd (51de15ca5c05bca46d8b110cd00a02fb) C:\windows\system32\Drivers\sptd.sys 11:46:05.0607 4512 Suspicious file (NoAccess): C:\windows\system32\Drivers\sptd.sys. md5: 51de15ca5c05bca46d8b110cd00a02fb 11:46:05.0623 4512 sptd ( LockedFile.Multi.Generic ) - warning 11:46:05.0623 4512 sptd - detected LockedFile.Multi.Generic (1) 11:46:05.0732 4512 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\windows\system32\DRIVERS\srv.sys 11:46:05.0779 4512 srv - ok 11:46:05.0919 4512 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\windows\system32\DRIVERS\srv2.sys 11:46:05.0950 4512 srv2 - ok 11:46:05.0982 4512 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\windows\system32\DRIVERS\srvnet.sys 11:46:06.0044 4512 srvnet - ok 11:46:06.0122 4512 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll 11:46:06.0184 4512 SSDPSRV - ok 11:46:06.0231 4512 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll 11:46:06.0309 4512 SstpSvc - ok 11:46:06.0434 4512 StarWindServiceAE (e5c796b621f6fba8616511063d7f0ffe) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe 11:46:06.0450 4512 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - warning 11:46:06.0450 4512 StarWindServiceAE - detected UnsignedFile.Multi.Generic (1) 11:46:06.0543 4512 stexstor 
(f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys 11:46:06.0574 4512 stexstor - ok 11:46:06.0637 4512 StillCam (decacb6921ded1a38642642685d77dac) C:\windows\system32\DRIVERS\serscan.sys 11:46:06.0699 4512 StillCam - ok 11:46:06.0793 4512 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\windows\System32\wiaservc.dll 11:46:06.0855 4512 stisvc - ok 11:46:06.0933 4512 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\DRIVERS\swenum.sys 11:46:06.0949 4512 swenum - ok 11:46:06.0996 4512 swprv (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll 11:46:07.0042 4512 swprv - ok 11:46:07.0167 4512 SynTP (be7311da9d6833fa69ed04b744a1c8f8) C:\windows\system32\DRIVERS\SynTP.sys 11:46:07.0198 4512 SynTP - ok 11:46:07.0276 4512 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\windows\system32\sysmain.dll 11:46:07.0339 4512 SysMain - ok 11:46:07.0432 4512 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\windows\System32\TabSvc.dll 11:46:07.0495 4512 TabletInputService - ok 11:46:07.0604 4512 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\windows\System32\tapisrv.dll 11:46:07.0682 4512 TapiSrv - ok 11:46:07.0760 4512 TBS (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll 11:46:07.0807 4512 TBS - ok 11:46:07.0901 4512 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\windows\system32\drivers\tcpip.sys 11:46:07.0947 4512 Tcpip - ok 11:46:08.0103 4512 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\windows\system32\DRIVERS\tcpip.sys 11:46:08.0150 4512 TCPIP6 - ok 11:46:08.0213 4512 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\windows\system32\drivers\tcpipreg.sys 11:46:08.0291 4512 tcpipreg - ok 11:46:08.0337 4512 tdcmdpst (fd542b661bd22fa69ca789ad0ac58c29) C:\windows\system32\DRIVERS\tdcmdpst.sys 11:46:08.0353 4512 tdcmdpst - ok 11:46:08.0431 4512 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys 11:46:08.0478 4512 TDPIPE - ok 11:46:08.0525 4512 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) 
C:\windows\system32\drivers\tdtcp.sys 11:46:08.0556 4512 TDTCP - ok 11:46:08.0634 4512 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\windows\system32\DRIVERS\tdx.sys 11:46:08.0727 4512 tdx - ok 11:46:08.0743 4512 TermDD (c448651339196c0e869a355171875522) C:\windows\system32\DRIVERS\termdd.sys 11:46:08.0759 4512 TermDD - ok 11:46:08.0805 4512 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\windows\System32\termsrv.dll 11:46:08.0868 4512 TermService - ok 11:46:08.0946 4512 Themes (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll 11:46:09.0008 4512 Themes - ok 11:46:09.0117 4512 Thpdrv (c013f6acaa9761f571bd28dada7c157d) C:\windows\system32\DRIVERS\thpdrv.sys 11:46:09.0133 4512 Thpdrv - ok 11:46:09.0149 4512 Thpevm (b4e609047434ed948af7bdef2fa66e38) C:\windows\system32\DRIVERS\Thpevm.SYS 11:46:09.0164 4512 Thpevm - ok 11:46:09.0258 4512 Thpsrv (6146eac71ae3c9da17b0e33632082b7b) C:\windows\system32\ThpSrv.exe 11:46:09.0289 4512 Thpsrv - ok 11:46:09.0367 4512 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll 11:46:09.0429 4512 THREADORDER - ok 11:46:09.0492 4512 TMachInfo (0497e8e82332aa94df04a78439c358ce) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe 11:46:09.0523 4512 TMachInfo - ok 11:46:09.0617 4512 TODDSrv (ed32035bdfeced1ad66d459fd9cc1140) C:\Windows\system32\TODDSrv.exe 11:46:09.0632 4512 TODDSrv - ok 11:46:09.0726 4512 TosCoSrv (4db8c79bcea76063b83b13410366a1f7) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe 11:46:09.0741 4512 TosCoSrv - ok 11:46:09.0835 4512 TOSHIBA eco Utility Service (32ff64d06a91daa0331c624aff442679) C:\Program Files\TOSHIBA\TECO\TecoService.exe 11:46:09.0866 4512 TOSHIBA eco Utility Service - ok 11:46:09.0944 4512 TOSHIBA HDD SSD Alert Service (dd58e1250f604cbbadda04575e5e2376) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe 11:46:09.0944 4512 TOSHIBA HDD SSD Alert Service - ok 11:46:10.0085 4512 tos_sps64 (09ff7b0b1b5c3d225495cb6f5a9b39f8) 
C:\windows\system32\DRIVERS\tos_sps64.sys 11:46:10.0100 4512 tos_sps64 - ok 11:46:10.0209 4512 TPCHSrv (de64c52bd0671165cf2eebf2a728a3e2) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe 11:46:10.0225 4512 TPCHSrv - ok 11:46:10.0319 4512 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll 11:46:10.0412 4512 TrkWks - ok 11:46:10.0490 4512 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\windows\servicing\TrustedInstaller.exe 11:46:10.0521 4512 TrustedInstaller - ok 11:46:10.0553 4512 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\windows\system32\DRIVERS\tssecsrv.sys 11:46:10.0615 4512 tssecsrv - ok 11:46:10.0709 4512 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\windows\system32\DRIVERS\tunnel.sys 11:46:10.0787 4512 tunnel - ok 11:46:10.0833 4512 TVALZ (550b567f9364d8f7684c3fb3ea665a72) C:\windows\system32\DRIVERS\TVALZ_O.SYS 11:46:10.0849 4512 TVALZ - ok 11:46:10.0927 4512 TVALZFL (9c7191f4b2e49bff47a6c1144b5923fa) C:\windows\system32\DRIVERS\TVALZFL.sys 11:46:10.0958 4512 TVALZFL - ok 11:46:10.0974 4512 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys 11:46:10.0989 4512 uagp35 - ok 11:46:11.0083 4512 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\windows\system32\DRIVERS\udfs.sys 11:46:11.0130 4512 udfs - ok 11:46:11.0161 4512 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe 11:46:11.0208 4512 UI0Detect - ok 11:46:11.0301 4512 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\DRIVERS\uliagpkx.sys 11:46:11.0317 4512 uliagpkx - ok 11:46:11.0348 4512 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\windows\system32\DRIVERS\umbus.sys 11:46:11.0364 4512 umbus - ok 11:46:11.0395 4512 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys 11:46:11.0426 4512 UmPass - ok 11:46:11.0520 4512 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll 11:46:11.0598 4512 upnphost - ok 11:46:11.0676 4512 usbccgp (b26afb54a534d634523c4fb66765b026) 
C:\windows\system32\DRIVERS\usbccgp.sys 11:46:11.0738 4512 usbccgp - ok 11:46:11.0801 4512 usbcir (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\DRIVERS\usbcir.sys 11:46:11.0863 4512 usbcir - ok 11:46:11.0894 4512 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\windows\system32\DRIVERS\usbehci.sys 11:46:11.0941 4512 usbehci - ok 11:46:12.0035 4512 usbhub (4c9042b8df86c1e8e6240c218b99b39b) C:\windows\system32\DRIVERS\usbhub.sys 11:46:12.0081 4512 usbhub - ok 11:46:12.0128 4512 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\windows\system32\DRIVERS\usbohci.sys 11:46:12.0159 4512 usbohci - ok 11:46:12.0237 4512 usbprint (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys 11:46:12.0284 4512 usbprint - ok 11:46:12.0362 4512 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\windows\system32\DRIVERS\usbscan.sys 11:46:12.0409 4512 usbscan - ok 11:46:12.0487 4512 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\windows\system32\DRIVERS\USBSTOR.SYS 11:46:12.0534 4512 USBSTOR - ok 11:46:12.0581 4512 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\windows\system32\DRIVERS\usbuhci.sys 11:46:12.0596 4512 usbuhci - ok 11:46:12.0643 4512 usbvideo (d501e12614b00a3252073101d6a1a74b) C:\windows\system32\Drivers\usbvideo.sys 11:46:12.0690 4512 usbvideo - ok 11:46:12.0737 4512 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll 11:46:12.0799 4512 UxSms - ok 11:46:12.0861 4512 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\windows\system32\lsass.exe 11:46:12.0893 4512 VaultSvc - ok 11:46:12.0971 4512 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\DRIVERS\vdrvroot.sys 11:46:12.0986 4512 vdrvroot - ok 11:46:13.0049 4512 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\windows\System32\vds.exe 11:46:13.0111 4512 vds - ok 11:46:13.0189 4512 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys 11:46:13.0205 4512 vga - ok 11:46:13.0251 4512 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys 
11:46:13.0298 4512 VgaSave - ok 11:46:13.0314 4512 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\windows\system32\DRIVERS\vhdmp.sys 11:46:13.0329 4512 vhdmp - ok 11:46:13.0345 4512 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\DRIVERS\viaide.sys 11:46:13.0361 4512 viaide - ok 11:46:13.0376 4512 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\windows\system32\DRIVERS\volmgr.sys 11:46:13.0392 4512 volmgr - ok 11:46:13.0470 4512 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\windows\system32\drivers\volmgrx.sys 11:46:13.0485 4512 volmgrx - ok 11:46:13.0532 4512 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\windows\system32\DRIVERS\volsnap.sys 11:46:13.0548 4512 volsnap - ok 11:46:13.0579 4512 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys 11:46:13.0595 4512 vsmraid - ok 11:46:13.0704 4512 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\windows\system32\vssvc.exe 11:46:13.0751 4512 VSS - ok 11:46:13.0813 4512 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys 11:46:13.0860 4512 vwifibus - ok 11:46:13.0875 4512 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys 11:46:13.0922 4512 vwififlt - ok 11:46:14.0031 4512 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\windows\system32\DRIVERS\vwifimp.sys 11:46:14.0094 4512 vwifimp - ok 11:46:14.0156 4512 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll 11:46:14.0234 4512 W32Time - ok 11:46:14.0328 4512 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys 11:46:14.0375 4512 WacomPen - ok 11:46:14.0406 4512 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\windows\system32\DRIVERS\wanarp.sys 11:46:14.0437 4512 WANARP - ok 11:46:14.0453 4512 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\windows\system32\DRIVERS\wanarp.sys 11:46:14.0484 4512 Wanarpv6 - ok 11:46:14.0640 4512 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\windows\system32\Wat\WatAdminSvc.exe 11:46:14.0687 
4512 WatAdminSvc - ok 11:46:14.0811 4512 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\windows\system32\wbengine.exe 11:46:14.0889 4512 wbengine - ok 11:46:14.0983 4512 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll 11:46:15.0030 4512 WbioSrvc - ok 11:46:15.0061 4512 wcncsvc (8321c2ca3b62b61b293cda3451984468) C:\windows\System32\wcncsvc.dll 11:46:15.0092 4512 wcncsvc - ok 11:46:15.0170 4512 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll 11:46:15.0233 4512 WcsPlugInService - ok 11:46:15.0264 4512 Wd (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys 11:46:15.0279 4512 Wd - ok 11:46:15.0357 4512 WDC_SAM (a3d04ebf5227886029b4532f20d026f7) C:\windows\system32\DRIVERS\wdcsam64.sys 11:46:15.0404 4512 WDC_SAM - ok 11:46:15.0467 4512 WDDMService (fa24fbe15a8036387ecc013d06094f3d) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe 11:46:15.0482 4512 WDDMService ( UnsignedFile.Multi.Generic ) - warning 11:46:15.0482 4512 WDDMService - detected UnsignedFile.Multi.Generic (1) 11:46:15.0576 4512 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys 11:46:15.0623 4512 Wdf01000 - ok 11:46:15.0701 4512 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll 11:46:15.0732 4512 WdiServiceHost - ok 11:46:15.0747 4512 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll 11:46:15.0763 4512 WdiSystemHost - ok 11:46:15.0825 4512 WDSmartWareBackgroundService (138ab06adbbf300aa804d7974a5aec82) C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe 11:46:15.0841 4512 WDSmartWareBackgroundService ( UnsignedFile.Multi.Generic ) - warning 11:46:15.0841 4512 WDSmartWareBackgroundService - detected UnsignedFile.Multi.Generic (1) 11:46:15.0935 4512 WebClient (8a438cbb8c032a0c798b0c642ffbe572) C:\windows\System32\webclnt.dll 11:46:15.0997 4512 WebClient - ok 
11:46:16.0028 4512 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll 11:46:16.0106 4512 Wecsvc - ok 11:46:16.0184 4512 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll 11:46:16.0278 4512 wercplsupport - ok 11:46:16.0325 4512 WerSvc (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll 11:46:16.0403 4512 WerSvc - ok 11:46:16.0481 4512 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys 11:46:16.0574 4512 WfpLwf - ok 11:46:16.0605 4512 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys 11:46:16.0621 4512 WIMMount - ok 11:46:16.0652 4512 WinDefend - ok 11:46:16.0652 4512 WinHttpAutoProxySvc - ok 11:46:16.0777 4512 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll 11:46:16.0824 4512 Winmgmt - ok 11:46:16.0949 4512 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\windows\system32\WsmSvc.dll 11:46:17.0027 4512 WinRM - ok 11:46:17.0167 4512 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\windows\system32\DRIVERS\WinUsb.sys 11:46:17.0198 4512 WinUsb - ok 11:46:17.0245 4512 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll 11:46:17.0276 4512 Wlansvc - ok 11:46:17.0401 4512 wlidsvc (98f138897ef4246381d197cb81846d62) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 11:46:17.0463 4512 wlidsvc - ok 11:46:17.0541 4512 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\DRIVERS\wmiacpi.sys 11:46:17.0588 4512 WmiAcpi - ok 11:46:17.0651 4512 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe 11:46:17.0697 4512 wmiApSrv - ok 11:46:17.0744 4512 WMPNetworkSvc - ok 11:46:17.0807 4512 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll 11:46:17.0853 4512 WPCSvc - ok 11:46:17.0869 4512 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\windows\system32\wpdbusenum.dll 11:46:17.0916 4512 WPDBusEnum - ok 11:46:17.0994 4512 
ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys 11:46:18.0056 4512 ws2ifsl - ok 11:46:18.0087 4512 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\windows\System32\wscsvc.dll 11:46:18.0119 4512 wscsvc - ok 11:46:18.0212 4512 WSDPrintDevice (8d918b1db190a4d9b1753a66fa8c96e8) C:\windows\system32\DRIVERS\WSDPrint.sys 11:46:18.0275 4512 WSDPrintDevice - ok 11:46:18.0275 4512 WSearch - ok 11:46:18.0368 4512 wuauserv (38340204a2d0228f1e87740fc5e554a7) C:\windows\system32\wuaueng.dll 11:46:18.0446 4512 wuauserv - ok 11:46:18.0524 4512 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\windows\system32\drivers\WudfPf.sys 11:46:18.0602 4512 WudfPf - ok 11:46:18.0649 4512 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\windows\system32\DRIVERS\WUDFRd.sys 11:46:18.0727 4512 WUDFRd - ok 11:46:18.0805 4512 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\windows\System32\WUDFSvc.dll 11:46:18.0852 4512 wudfsvc - ok 11:46:18.0867 4512 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\windows\System32\wwansvc.dll 11:46:18.0899 4512 WwanSvc - ok 11:46:18.0961 4512 MBR (0x1B8) (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0 11:46:19.0070 4512 \Device\Harddisk0\DR0 - ok 11:46:19.0117 4512 Boot (0x1200) (98938257e2b2777836945f7021fa03b3) \Device\Harddisk0\DR0\Partition0 11:46:19.0117 4512 \Device\Harddisk0\DR0\Partition0 - ok 11:46:19.0117 4512 ============================================================ 11:46:19.0117 4512 Scan finished 11:46:19.0117 4512 ============================================================ 11:46:19.0133 2840 Detected object count: 9 11:46:19.0133 2840 Actual detected object count: 9 11:46:50.0691 2840 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user 11:46:50.0691 2840 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip 11:46:50.0691 2840 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 11:46:50.0691 2840 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 11:46:50.0707 
2840 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 11:46:50.0707 2840 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 11:46:50.0707 2840 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - skipped by user 11:46:50.0707 2840 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - User select action: Skip 11:46:50.0707 2840 QBFCService ( UnsignedFile.Multi.Generic ) - skipped by user 11:46:50.0707 2840 QBFCService ( UnsignedFile.Multi.Generic ) - User select action: Skip 11:46:50.0707 2840 sptd ( LockedFile.Multi.Generic ) - skipped by user 11:46:50.0707 2840 sptd ( LockedFile.Multi.Generic ) - User select action: Skip 11:46:50.0723 2840 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - skipped by user 11:46:50.0723 2840 StarWindServiceAE ( UnsignedFile.Multi.Generic ) - User select action: Skip 11:46:50.0723 2840 WDDMService ( UnsignedFile.Multi.Generic ) - skipped by user 11:46:50.0723 2840 WDDMService ( UnsignedFile.Multi.Generic ) - User select action: Skip 11:46:50.0723 2840 WDSmartWareBackgroundService ( UnsignedFile.Multi.Generic ) - skipped by user 11:46:50.0723 2840 WDSmartWareBackgroundService ( UnsignedFile.Multi.Generic ) - User select action: Skip
  2. Initially, I could not shut down my computer, and it was running super slow. When I went to install Malwarebytes, it would not allow me to do this. Also, some abnormal activity was occurring on my email account. Now I can shut down my computer, but still cannot install Malwarebytes. Thanks

     Farbar Service Scanner Version: 01-03-2012
     Ran by danger (administrator) on 29-03-2012 at 07:57:40
     Running from "C:\Users\danger\Downloads"
     Microsoft Windows 7 Home Premium (X64)
     Boot Mode: Normal
     ****************************************************************

     Internet Services:
     ============

     Connection Status:
     ==============
     Localhost is accessible.
     LAN connected.
     Google IP is accessible.
     Yahoo IP is accessible.

     Windows Firewall:
     =============

     Firewall Disabled Policy:
     ==================
     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
     "EnableFirewall"=DWORD:0
     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
     "EnableFirewall"=DWORD:0
     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
     "EnableFirewall"=DWORD:0

     System Restore:
     ============

     System Restore Disabled Policy:
     ========================

     Action Center:
     ============

     Windows Update:
     ============

     File Check:
     ========
     C:\Windows\System32\nsisvc.dll => MD5 is legit
     C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
     C:\Windows\System32\dhcpcore.dll => MD5 is legit
     C:\Windows\System32\drivers\afd.sys [2012-02-15 09:27] - [2011-12-27 20:59] - 0499200 ____A (Microsoft Corporation) DB9D6C6B2CD95A9CA414D045B627422E
     C:\Windows\System32\drivers\tdx.sys => MD5 is legit
     C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
     C:\Windows\System32\dnsrslvr.dll => MD5 is legit
     C:\Windows\System32\mpssvc.dll [2009-07-13 17:09] - [2009-07-13 18:41] - 0824832 ____A (Microsoft Corporation) AECAB449567D1846DAD63ECE49E893E3
     C:\Windows\System32\bfe.dll => MD5 is legit
     C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
     C:\Windows\System32\SDRSVC.dll [2009-07-13 16:36] - [2009-07-13 18:41] - 0170496 ____A (Microsoft Corporation) 765A27C3279CE11D14CB9E4F5869FCA5
     C:\Windows\System32\vssvc.exe => MD5 is legit
     C:\Windows\System32\wscsvc.dll => MD5 is legit
     C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
     C:\Windows\System32\wuaueng.dll [2009-07-13 17:36] - [2009-07-13 18:41] - 2418176 ____A (Microsoft Corporation) 38340204A2D0228F1E87740FC5E554A7
     C:\Windows\System32\qmgr.dll => MD5 is legit
     C:\Windows\System32\es.dll => MD5 is legit
     C:\Windows\System32\cryptsvc.dll => MD5 is legit
     C:\Windows\System32\svchost.exe => MD5 is legit
     C:\Windows\System32\rpcss.dll => MD5 is legit

     **** End of log ****

     RogueKiller V7.3.2 [03/20/2012] by Tigzy
     mail: tigzyRK<at>gmail<dot>com
     Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
     Blog: http://tigzyrk.blogspot.com

     Operating System: Windows 7 (6.1.7600 ) 64 bits version
     Started in : Normal mode
     User: danger [Admin rights]
     Mode: Scan -- Date: 03/29/2012 08:05:52

     ¤¤¤ Bad processes: 0 ¤¤¤

     ¤¤¤ Registry Entries: 2 ¤¤¤
     [HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
     [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

     ¤¤¤ Particular Files / Folders: ¤¤¤

     ¤¤¤ Driver: [NOT LOADED] ¤¤¤

     ¤¤¤ Infection : ¤¤¤

     ¤¤¤ HOSTS File: ¤¤¤

     ¤¤¤ MBR Check: ¤¤¤
     +++++ PhysicalDrive0: Hitachi HTS545050B9A300 +++++
     --- User ---
     [MBR] 3dc58bf13bf1226d28ff04fef707c91f
     [bSP] 6b81a4f7bbdb87c02bc9f654358bd723 : Windows Vista MBR Code
     Partition table:
     0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
     1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 464503 Mo
     2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 954376192 | Size: 10936 Mo
     User = LL1 ... OK!
     User = LL2 ... OK!

     Finished : << RKreport[1].txt >>
     RKreport[1].txt
  3. .thanks DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 8.0.7600.16385 Run by danger at 15:06:02 on 2012-03-27 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3964.2317 [GMT -7:00] . AV: Kaspersky Internet Security *Enabled/Updated* {56547CC9-C9B2-849D-8FEF-A496150D6A06} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Kaspersky Internet Security *Enabled/Updated* {ED359D2D-EF88-8B13-B55F-9FE46E8A20BB} FW: Kaspersky Internet Security *Enabled* {6E6FFDEC-83DD-85C5-A4B0-0DA3EBDE2D7D} . ============== Running Processes =============== . C:\windows\system32\wininit.exe C:\windows\system32\lsm.exe C:\windows\system32\svchost.exe -k DcomLaunch C:\windows\system32\svchost.exe -k RPCSS C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\windows\system32\svchost.exe -k netsvcs C:\windows\system32\svchost.exe -k LocalService C:\windows\system32\svchost.exe -k NetworkService C:\windows\System32\spoolsv.exe C:\windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe C:\windows\system32\svchost.exe -k imgsvc C:\windows\system32\ThpSrv.exe C:\Windows\system32\TODDSrv.exe C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe C:\Program Files\TOSHIBA\TECO\TecoService.exe C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\windows\system32\SearchIndexer.exe C:\Program Files\Common 
Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\windows\system32\taskhost.exe C:\windows\system32\Dwm.exe C:\windows\Explorer.EXE C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\System32\ThpSrv.exe C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe C:\windows\system32\igfxsrvc.exe C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe C:\windows\system32\taskeng.exe C:\Program Files\TOSHIBA\TECO\Teco.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe C:\windows\system32\igfxext.exe C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe C:\windows\system32\svchost.exe -k HPService C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe C:\windows\System32\svchost.exe -k secsvcs C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\Mozilla 
Firefox\firefox.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtblfs.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\windows\system32\wuauclt.exe C:\windows\SysWOW64\cmd.exe C:\windows\system32\conhost.exe C:\windows\SysWOW64\cscript.exe C:\windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA mWinlogon: Userinit=userinit.exe, BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - C:\Program 
Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll TB: @C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll {555d4d79-4bd2-4094-a395-cfc534424a05} uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" uRun: [Google Update] "C:\Users\danger\AppData\Local\Google\Update\GoogleUpdate.exe" /c uRun: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount uRunOnce: [FlashPlayerUpdate] C:\windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe -p mRun: [TUSBSleepChargeSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe" UNATTENDED mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe" mRun: [Auto Run Software for Photo Frame] mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe mRun: [<NO NAME>] mRun: [bing Bar] "C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe" mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime StartupFolder: C:\Users\danger\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\PMBMED~1.LNK - C:\Program Files 
(x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WDDMST~1.LNK - C:\Program Files (x86)\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WDSMAR~1.LNK - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab DPF: 
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab TCP: DhcpNameServer = 216.170.112.1 216.170.112.30 11.0.0.1 TCP: Interfaces\{3C92850D-A192-4F23-983F-19D123081ADB} : DhcpNameServer = 216.170.112.1 216.170.112.30 11.0.0.1 TCP: Interfaces\{3C92850D-A192-4F23-983F-19D123081ADB}\7596562737D616 : DhcpNameServer = 192.168.1.254 TCP: Interfaces\{3C92850D-A192-4F23-983F-19D123081ADB}\B4E656368647E45647 : DhcpNameServer = 216.170.112.1 216.170.112.30 11.0.0.1 TCP: Interfaces\{3C92850D-A192-4F23-983F-19D123081ADB}\C696E6B6379737 : DhcpNameServer = 216.170.112.1 216.170.112.30 11.0.0.1 Handler: intu-help-qb1 - {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - C:\Program Files (x86)\Intuit\QuickBooks 2008\HelpAsyncPluggableProtocol.dll Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\System32\mscoree.dll AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~2\MZVKBD3.DLL, C:\PROGRA~2\KASPER~1\KASPER~2\SBHOOK.DLL C:\PROGRA~2\GOOGLE\GOOGLE~3\GO36F4~1.DLL mASetup: {01250B8F-D947-4F8A-9408-FE8E3EE2EC92} - C:\Program Files (x86)\TOSHIBA\My Toshiba\MyToshiba.exe /SETUP BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll BHO-X64: IEVkbdBHO - No File BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll BHO-X64: Search Helper - No File BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files 
(x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll BHO-X64: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO-X64: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll BHO-X64: link filter bho - No File TB-X64: @C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File mRun-x64: [TUSBSleepChargeSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe" UNATTENDED mRun-x64: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe" mRun-x64: [Auto Run Software for Photo Frame] mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe mRun-x64: [(Default)] mRun-x64: [bing Bar] "C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe" mRun-x64: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common 
Files\Apple\Apple Application Support\APSDaemon.exe" mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime AppInit_DLLs-X64: C:\PROGRA~2\KASPER~1\KASPER~2\MZVKBD3.DLL, C:\PROGRA~2\KASPER~1\KASPER~2\SBHOOK.DLL C:\PROGRA~2\GOOGLE\GOOGLE~3\GO36F4~1.DLL . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\danger\AppData\Roaming\Mozilla\Firefox\Profiles\a4n5j32w.default\ FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IP2TDF&PC=IP2TDF&q= FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=IP2TDF&PC=IP2TDF&q= FF - prefs.js: network.proxy.type - 4 FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru\components\abhelperxpcom.dll FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\kavlinkfilter.dll FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.23\npGoogleOneClick8.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.29\npGoogleOneClick8.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.53\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll FF - plugin: C:\Program Files 
(x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\danger\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll FF - plugin: C:\Users\danger\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Kaspersky URL Advisor: linkfilter@kaspersky.ru - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru FF - Ext: Skype extension for Firefox: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} FF - Ext: Anti-Banner: KavAntiBanner@Kaspersky.ru - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru . ============= SERVICES / DRIVERS =============== . R0 PxHlpa64;PxHlpa64;C:\windows\system32\Drivers\PxHlpa64.sys --> C:\windows\system32\Drivers\PxHlpa64.sys [?] R1 kl2;kl2;C:\windows\system32\DRIVERS\kl2.sys --> C:\windows\system32\DRIVERS\kl2.sys [?] R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\windows\system32\DRIVERS\klim6.sys --> C:\windows\system32\DRIVERS\klim6.sys [?] R2 rimspci;rimspci;C:\windows\system32\DRIVERS\rimspe64.sys --> C:\windows\system32\DRIVERS\rimspe64.sys [?] R2 risdpcie;risdpcie;C:\windows\system32\DRIVERS\risdpe64.sys --> C:\windows\system32\DRIVERS\risdpe64.sys [?] R2 rixdpcie;rixdpcie;C:\windows\system32\DRIVERS\rixdpe64.sys --> C:\windows\system32\DRIVERS\rixdpe64.sys [?] R3 FwLnk;FwLnk Driver;C:\windows\system32\DRIVERS\FwLnk.sys --> C:\windows\system32\DRIVERS\FwLnk.sys [?] R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;C:\windows\system32\drivers\IntcHdmi.sys --> C:\windows\system32\drivers\IntcHdmi.sys [?] R3 PGEffect;Pangu effect driver;C:\windows\system32\DRIVERS\pgeffect.sys --> C:\windows\system32\DRIVERS\pgeffect.sys [?] 
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\system32\DRIVERS\Rt64win7.sys --> C:\windows\system32\DRIVERS\Rt64win7.sys [?] R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\windows\system32\DRIVERS\rtl8192se.sys --> C:\windows\system32\DRIVERS\rtl8192se.sys [?] S3 klmouflt;Kaspersky Lab KLMOUFLT;C:\windows\system32\DRIVERS\klmouflt.sys --> C:\windows\system32\DRIVERS\klmouflt.sys [?] . =============== Created Last 30 ================ . 2012-03-27 21:13:51 8669240 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5D7ADE78-F0B6-4D2D-8F54-88D56E0763AC}\mpengine.dll 2012-03-14 17:16:30 3143168 ----a-w- C:\windows\System32\win32k.sys 2012-03-14 17:16:21 902656 ----a-w- C:\windows\System32\d2d1.dll 2012-03-14 17:16:21 1837568 ----a-w- C:\windows\System32\d3d10warp.dll 2012-03-14 17:16:21 1170944 ----a-w- C:\windows\SysWow64\d3d10warp.dll 2012-03-14 17:16:20 739840 ----a-w- C:\windows\SysWow64\d2d1.dll 2012-03-14 17:16:19 320512 ----a-w- C:\windows\System32\d3d10_1core.dll 2012-03-14 17:16:19 1541120 ----a-w- C:\windows\System32\DWrite.dll 2012-03-14 17:16:19 1074176 ----a-w- C:\windows\SysWow64\DWrite.dll 2012-03-14 17:16:18 218624 ----a-w- C:\windows\SysWow64\d3d10_1core.dll 2012-03-14 17:16:18 197120 ----a-w- C:\windows\System32\d3d10_1.dll 2012-03-14 17:16:18 161792 ----a-w- C:\windows\SysWow64\d3d10_1.dll 2012-03-14 17:12:56 826368 ----a-w- C:\windows\SysWow64\rdpcore.dll 2012-03-14 17:12:56 23552 ----a-w- C:\windows\System32\drivers\tdtcp.sys 2012-03-14 17:12:56 204800 ----a-w- C:\windows\System32\drivers\rdpwd.sys 2012-03-14 17:12:56 1031680 ----a-w- C:\windows\System32\rdpcore.dll 2012-03-14 17:12:45 9216 ----a-w- C:\windows\System32\rdrmemptylst.exe 2012-03-14 17:12:45 76288 ----a-w- C:\windows\System32\rdpwsx.dll 2012-03-14 17:12:45 149504 ----a-w- C:\windows\System32\rdpcorekmts.dll . ==================== Find3M ==================== . 2012-02-23 16:18:36 279656 ------w- C:\windows\System32\MpSigStub.exe . 
============= FINISH: 15:07:26.65 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 12/28/2009 5:06:55 PM System Uptime: 3/27/2012 1:58:55 PM (2 hours ago) . Motherboard: TOSHIBA | | Portable PC Processor: Intel® Core2 Duo CPU T6600 @ 2.20GHz | CPU | 2200/800mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 454 GiB total, 337.525 GiB free. D: is CDROM (CDFS) E: is CDROM () . ==== Disabled Device Manager Items ============= . Class GUID: Description: Officejet Pro 8500 A910 Device ID: ROOT\MULTIFUNCTION\0000 Manufacturer: Name: Officejet Pro 8500 A910 PNP Device ID: ROOT\MULTIFUNCTION\0000 Service: . Class GUID: Description: Officejet Pro 8500 A910 Device ID: ROOT\MULTIFUNCTION\0001 Manufacturer: Name: Officejet Pro 8500 A910 PNP Device ID: ROOT\MULTIFUNCTION\0001 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Officejet Pro 8500 A910 Device ID: ROOT\MULTIFUNCTION\0002 Manufacturer: HP Name: Officejet Pro 8500 A910 PNP Device ID: ROOT\MULTIFUNCTION\0002 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Deskjet 6940 series Device ID: ROOT\MULTIFUNCTION\0003 Manufacturer: HP Name: Deskjet 6940 series PNP Device ID: ROOT\MULTIFUNCTION\0003 Service: . ==== System Restore Points =================== . 
RP320: 3/3/2012 12:39:23 PM - Windows Update RP321: 3/8/2012 7:03:44 AM - Windows Update RP322: 3/9/2012 4:35:42 PM - Windows Update RP323: 3/11/2012 5:05:51 PM - Windows Update RP324: 3/14/2012 10:14:17 AM - Windows Update RP325: 3/15/2012 9:21:04 AM - Windows Update RP326: 3/15/2012 10:37:31 PM - Windows Update RP327: 3/17/2012 10:49:18 AM - Windows Update RP328: 3/17/2012 10:53:36 AM - Windows Update RP329: 3/17/2012 11:16:08 PM - Windows Update RP330: 3/20/2012 8:48:25 AM - Windows Update RP331: 3/20/2012 5:34:29 PM - Windows Update RP332: 3/21/2012 2:02:13 PM - Windows Update RP333: 3/22/2012 8:38:37 PM - Windows Update RP334: 3/22/2012 11:31:38 PM - Windows Update RP335: 3/23/2012 10:22:32 PM - Windows Update RP336: 3/23/2012 10:33:41 PM - Windows Update RP337: 3/24/2012 10:10:55 PM - Windows Update RP338: 3/25/2012 1:44:48 PM - Windows Update RP339: 3/25/2012 10:16:04 PM - Windows Update RP340: 3/27/2012 2:10:08 PM - Windows Update RP341: 3/27/2012 2:12:43 PM - Windows Update . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) 1600 1600_Help 1600Trb Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Reader 9.2 AIO_CDB_ProductContext AIO_CDB_Software AIO_Scan Apple Application Support Apple Software Update Bing Bar Bing Bar Platform BufferChm Cactus Ropes Championship ArenaPack Classic Championships ArenaPack Compatibility Pack for the 2007 Office system Direct DiscRecorder DocProc DVD MovieFactory for TOSHIBA Google Chrome Google Desktop Google Earth Plug-in Google Toolbar for Internet Explorer Google Update Helper HP Officejet Pro 8500 A910 Help HP Update HPPhotoGadget HPSSupply I.R.I.S. 
OCR Java 6 Update 14 Junk Mail filter update Kaspersky Internet Security 2011 Marketsplash Shortcuts Microsoft Choice Guard Microsoft Default Manager Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Excel MUI (English) 2007 Microsoft Office Home and Student 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Suite Activation Assistant Microsoft Office Word MUI (English) 2007 Microsoft Search Enhancement Pack Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Works Mozilla Firefox (3.6.28) MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP2 Parser and SDK MyToshiba PC Ropes ArenaPack Philips Photo Manager 1.1 Primo QuickBooks Pro 2008 QuickTime Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Realtek WLAN Driver RICOH R5U230 Media Driver ver.2.06.03.02 Runtime Scan Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Skype Launcher Skype Toolbars Sony Picture Utility Spelling Dictionaries Support For Adobe Reader 9 Spin To Win ArenaPack SupportSoft Assisted Service Toolbox Toshiba Application Installer TOSHIBA Assist TOSHIBA ConfigFree TOSHIBA DVD PLAYER TOSHIBA eco Utility TOSHIBA Extended Tiles for Windows Mobility Center TOSHIBA Face Recognition TOSHIBA Hardware Setup TOSHIBA 
HDD/SSD Alert Toshiba Online Backup Toshiba Quality Application TOSHIBA Service Station TOSHIBA Speech System Applications TOSHIBA Speech System SR Engine(U.S.) Version1.0 TOSHIBA Speech System TTS Engine(U.S.) Version1.0 TOSHIBA Supervisor Password TOSHIBA USB Sleep and Charge Utility TOSHIBA Value Added Package TOSHIBA Web Camera Application ToshibaRegistration TRSim TRSim Bonus TRSim Bonus Patch 109 UnloadSupport Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition WebReg WildTangent Games Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Mail Windows Live Messenger Windows Live Photo Gallery Windows Live Sync Windows Live Upload Tool Windows Live Writer Windows Media Player Firefox Plugin Yahoo! BrowserPlus 2.9.8 . ==== Event Viewer Messages From Past Week ======== . 3/27/2012 2:11:51 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Windows Internet Explorer 9 for Windows 7 for x64-based Systems. 3/27/2012 2:09:40 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service. 3/26/2012 7:24:32 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 
3/25/2012 9:54:15 PM, Error: Microsoft-Windows-DistributedCOM [10000] - Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}. The error: "5" Happened while starting this command: C:\windows\system32\wbem\wmiprvse.exe -secured -Embedding 3/25/2012 9:53:06 PM, Error: Service Control Manager [7023] - The Security Center service terminated with the following error: Access is denied. 3/25/2012 9:53:01 PM, Error: Service Control Manager [7000] - The Windows Media Player Network Sharing Service service failed to start due to the following error: Access is denied. 3/25/2012 9:52:31 PM, Error: Service Control Manager [7000] - The Software Protection service failed to start due to the following error: Access is denied. 3/25/2012 9:52:16 PM, Error: Service Control Manager [7023] - The Function Discovery Provider Host service terminated with the following error: Access is denied. 3/25/2012 9:52:16 PM, Error: Service Control Manager [7001] - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: Access is denied. 3/25/2012 9:49:46 PM, Error: Service Control Manager [7023] - The SSDP Discovery service terminated with the following error: Access is denied. 3/25/2012 9:49:46 PM, Error: Service Control Manager [7000] - The IPsec Policy Agent service failed to start due to the following error: Access is denied. 3/25/2012 9:49:44 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the IPsec Policy Agent service to connect. 3/25/2012 9:49:44 PM, Error: Service Control Manager [7000] - The IPsec Policy Agent service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 3/25/2012 9:38:30 PM, Error: Service Control Manager [7022] - The HP Network Devices Support service hung on starting. 
3/25/2012 9:03:35 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Media Player Network Sharing Service service to connect. 3/25/2012 9:03:35 PM, Error: Service Control Manager [7000] - The Windows Media Player Network Sharing Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 3/25/2012 3:28:44 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service. 3/23/2012 9:18:32 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AVP service. 3/23/2012 10:27:57 PM, Error: Service Control Manager [7022] - The Kaspersky Anti-Virus Service service hung on starting. . ==== End Of File ===========================
  4. Thanks for the reply... I posted in HijackThis two times, with no response... Am I missing something?
  5. I just purchased a Malwarebytes subscription, but I think maybe malware is keeping me from downloading it.
C:\Users\danger\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\PMBMED~1.LNK - C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WDDMST~1.LNK - C:\Program Files (x86)\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WDSMAR~1.LNK - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MIF5BA~1\Office12\ONBttnIE.dll IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab DPF: 
{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab TCP: DhcpNameServer = 216.170.112.1 216.170.112.30 11.0.0.1 TCP: Interfaces\{3C92850D-A192-4F23-983F-19D123081ADB} : DhcpNameServer = 216.170.112.1 216.170.112.30 11.0.0.1 TCP: Interfaces\{3C92850D-A192-4F23-983F-19D123081ADB}\7596562737D616 : DhcpNameServer = 192.168.1.254 TCP: Interfaces\{3C92850D-A192-4F23-983F-19D123081ADB}\B4E656368647E45647 : DhcpNameServer = 216.170.112.1 216.170.112.30 11.0.0.1 TCP: Interfaces\{3C92850D-A192-4F23-983F-19D123081ADB}\C696E6B6379737 : DhcpNameServer = 216.170.112.1 216.170.112.30 11.0.0.1 Handler: intu-help-qb1 - {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - C:\Program Files (x86)\Intuit\QuickBooks 2008\HelpAsyncPluggableProtocol.dll Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\System32\mscoree.dll AppInit_DLLs: C:\PROGRA~2\KASPER~1\KASPER~2\MZVKBD3.DLL, C:\PROGRA~2\KASPER~1\KASPER~2\SBHOOK.DLL C:\PROGRA~2\GOOGLE\GOOGLE~3\GO36F4~1.DLL mASetup: {01250B8F-D947-4F8A-9408-FE8E3EE2EC92} - C:\Program Files (x86)\TOSHIBA\My Toshiba\MyToshiba.exe /SETUP BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll BHO-X64: IEVkbdBHO - No File BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll BHO-X64: Search Helper - No File BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows 
Live\WindowsLiveLogin.dll BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll BHO-X64: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO-X64: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll BHO-X64: link filter bho - No File TB-X64: @C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File mRun-x64: [TUSBSleepChargeSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe" UNATTENDED mRun-x64: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe" mRun-x64: [Auto Run Software for Photo Frame] mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe mRun-x64: [(Default)] mRun-x64: [bing Bar] "C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe" mRun-x64: [Microsoft Default Manager] "C:\Program Files 
(x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime AppInit_DLLs-X64: C:\PROGRA~2\KASPER~1\KASPER~2\MZVKBD3.DLL, C:\PROGRA~2\KASPER~1\KASPER~2\SBHOOK.DLL C:\PROGRA~2\GOOGLE\GOOGLE~3\GO36F4~1.DLL . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\danger\AppData\Roaming\Mozilla\Firefox\Profiles\a4n5j32w.default\ FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IP2TDF&PC=IP2TDF&q= FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=IP2TDF&PC=IP2TDF&q= FF - prefs.js: network.proxy.type - 4 FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru\components\abhelperxpcom.dll FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\kavlinkfilter.dll FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.23\npGoogleOneClick8.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.29\npGoogleOneClick8.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.53\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll FF - plugin: C:\Program Files 
(x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\danger\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll FF - plugin: C:\Users\danger\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Kaspersky URL Advisor: linkfilter@kaspersky.ru - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru FF - Ext: Skype extension for Firefox: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} FF - Ext: Anti-Banner: KavAntiBanner@Kaspersky.ru - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru . ============= SERVICES / DRIVERS =============== . R0 PxHlpa64;PxHlpa64;C:\windows\system32\Drivers\PxHlpa64.sys --> C:\windows\system32\Drivers\PxHlpa64.sys [?] R1 kl2;kl2;C:\windows\system32\DRIVERS\kl2.sys --> C:\windows\system32\DRIVERS\kl2.sys [?] R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\windows\system32\DRIVERS\klim6.sys --> C:\windows\system32\DRIVERS\klim6.sys [?] R2 rimspci;rimspci;C:\windows\system32\DRIVERS\rimspe64.sys --> C:\windows\system32\DRIVERS\rimspe64.sys [?] R2 risdpcie;risdpcie;C:\windows\system32\DRIVERS\risdpe64.sys --> C:\windows\system32\DRIVERS\risdpe64.sys [?] R2 rixdpcie;rixdpcie;C:\windows\system32\DRIVERS\rixdpe64.sys --> C:\windows\system32\DRIVERS\rixdpe64.sys [?] R3 FwLnk;FwLnk Driver;C:\windows\system32\DRIVERS\FwLnk.sys --> C:\windows\system32\DRIVERS\FwLnk.sys [?] R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;C:\windows\system32\drivers\IntcHdmi.sys --> C:\windows\system32\drivers\IntcHdmi.sys [?] 
R3 PGEffect;Pangu effect driver;C:\windows\system32\DRIVERS\pgeffect.sys --> C:\windows\system32\DRIVERS\pgeffect.sys [?] R3 RTL8167;Realtek 8167 NT Driver;C:\windows\system32\DRIVERS\Rt64win7.sys --> C:\windows\system32\DRIVERS\Rt64win7.sys [?] R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\windows\system32\DRIVERS\rtl8192se.sys --> C:\windows\system32\DRIVERS\rtl8192se.sys [?] S3 klmouflt;Kaspersky Lab KLMOUFLT;C:\windows\system32\DRIVERS\klmouflt.sys --> C:\windows\system32\DRIVERS\klmouflt.sys [?] . =============== Created Last 30 ================ . 2012-03-27 21:13:51 8669240 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5D7ADE78-F0B6-4D2D-8F54-88D56E0763AC}\mpengine.dll 2012-03-14 17:16:30 3143168 ----a-w- C:\windows\System32\win32k.sys 2012-03-14 17:16:21 902656 ----a-w- C:\windows\System32\d2d1.dll 2012-03-14 17:16:21 1837568 ----a-w- C:\windows\System32\d3d10warp.dll 2012-03-14 17:16:21 1170944 ----a-w- C:\windows\SysWow64\d3d10warp.dll 2012-03-14 17:16:20 739840 ----a-w- C:\windows\SysWow64\d2d1.dll 2012-03-14 17:16:19 320512 ----a-w- C:\windows\System32\d3d10_1core.dll 2012-03-14 17:16:19 1541120 ----a-w- C:\windows\System32\DWrite.dll 2012-03-14 17:16:19 1074176 ----a-w- C:\windows\SysWow64\DWrite.dll 2012-03-14 17:16:18 218624 ----a-w- C:\windows\SysWow64\d3d10_1core.dll 2012-03-14 17:16:18 197120 ----a-w- C:\windows\System32\d3d10_1.dll 2012-03-14 17:16:18 161792 ----a-w- C:\windows\SysWow64\d3d10_1.dll 2012-03-14 17:12:56 826368 ----a-w- C:\windows\SysWow64\rdpcore.dll 2012-03-14 17:12:56 23552 ----a-w- C:\windows\System32\drivers\tdtcp.sys 2012-03-14 17:12:56 204800 ----a-w- C:\windows\System32\drivers\rdpwd.sys 2012-03-14 17:12:56 1031680 ----a-w- C:\windows\System32\rdpcore.dll 2012-03-14 17:12:45 9216 ----a-w- C:\windows\System32\rdrmemptylst.exe 2012-03-14 17:12:45 76288 ----a-w- C:\windows\System32\rdpwsx.dll 2012-03-14 17:12:45 149504 ----a-w- C:\windows\System32\rdpcorekmts.dll . 
==================== Find3M ==================== . 2012-02-23 16:18:36 279656 ------w- C:\windows\System32\MpSigStub.exe . ============= FINISH: 15:07:26.65 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 12/28/2009 5:06:55 PM System Uptime: 3/27/2012 1:58:55 PM (2 hours ago) . Motherboard: TOSHIBA | | Portable PC Processor: Intel® Core2 Duo CPU T6600 @ 2.20GHz | CPU | 2200/800mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 454 GiB total, 337.525 GiB free. D: is CDROM (CDFS) E: is CDROM () . ==== Disabled Device Manager Items ============= . Class GUID: Description: Officejet Pro 8500 A910 Device ID: ROOT\MULTIFUNCTION\0000 Manufacturer: Name: Officejet Pro 8500 A910 PNP Device ID: ROOT\MULTIFUNCTION\0000 Service: . Class GUID: Description: Officejet Pro 8500 A910 Device ID: ROOT\MULTIFUNCTION\0001 Manufacturer: Name: Officejet Pro 8500 A910 PNP Device ID: ROOT\MULTIFUNCTION\0001 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Officejet Pro 8500 A910 Device ID: ROOT\MULTIFUNCTION\0002 Manufacturer: HP Name: Officejet Pro 8500 A910 PNP Device ID: ROOT\MULTIFUNCTION\0002 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Deskjet 6940 series Device ID: ROOT\MULTIFUNCTION\0003 Manufacturer: HP Name: Deskjet 6940 series PNP Device ID: ROOT\MULTIFUNCTION\0003 Service: . ==== System Restore Points =================== . 
RP320: 3/3/2012 12:39:23 PM - Windows Update RP321: 3/8/2012 7:03:44 AM - Windows Update RP322: 3/9/2012 4:35:42 PM - Windows Update RP323: 3/11/2012 5:05:51 PM - Windows Update RP324: 3/14/2012 10:14:17 AM - Windows Update RP325: 3/15/2012 9:21:04 AM - Windows Update RP326: 3/15/2012 10:37:31 PM - Windows Update RP327: 3/17/2012 10:49:18 AM - Windows Update RP328: 3/17/2012 10:53:36 AM - Windows Update RP329: 3/17/2012 11:16:08 PM - Windows Update RP330: 3/20/2012 8:48:25 AM - Windows Update RP331: 3/20/2012 5:34:29 PM - Windows Update RP332: 3/21/2012 2:02:13 PM - Windows Update RP333: 3/22/2012 8:38:37 PM - Windows Update RP334: 3/22/2012 11:31:38 PM - Windows Update RP335: 3/23/2012 10:22:32 PM - Windows Update RP336: 3/23/2012 10:33:41 PM - Windows Update RP337: 3/24/2012 10:10:55 PM - Windows Update RP338: 3/25/2012 1:44:48 PM - Windows Update RP339: 3/25/2012 10:16:04 PM - Windows Update RP340: 3/27/2012 2:10:08 PM - Windows Update RP341: 3/27/2012 2:12:43 PM - Windows Update . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) 1600 1600_Help 1600Trb Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Reader 9.2 AIO_CDB_ProductContext AIO_CDB_Software AIO_Scan Apple Application Support Apple Software Update Bing Bar Bing Bar Platform BufferChm Cactus Ropes Championship ArenaPack Classic Championships ArenaPack Compatibility Pack for the 2007 Office system Direct DiscRecorder DocProc DVD MovieFactory for TOSHIBA Google Chrome Google Desktop Google Earth Plug-in Google Toolbar for Internet Explorer Google Update Helper HP Officejet Pro 8500 A910 Help HP Update HPPhotoGadget HPSSupply I.R.I.S. 
OCR Java 6 Update 14 Junk Mail filter update Kaspersky Internet Security 2011 Marketsplash Shortcuts Microsoft Choice Guard Microsoft Default Manager Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Excel MUI (English) 2007 Microsoft Office Home and Student 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Suite Activation Assistant Microsoft Office Word MUI (English) 2007 Microsoft Search Enhancement Pack Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Works Mozilla Firefox (3.6.28) MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP2 Parser and SDK MyToshiba PC Ropes ArenaPack Philips Photo Manager 1.1 Primo QuickBooks Pro 2008 QuickTime Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Realtek WLAN Driver RICOH R5U230 Media Driver ver.2.06.03.02 Runtime Scan Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Skype Launcher Skype Toolbars Sony Picture Utility Spelling Dictionaries Support For Adobe Reader 9 Spin To Win ArenaPack SupportSoft Assisted Service Toolbox Toshiba Application Installer TOSHIBA Assist TOSHIBA ConfigFree TOSHIBA DVD PLAYER TOSHIBA eco Utility TOSHIBA Extended Tiles for Windows Mobility Center TOSHIBA Face Recognition TOSHIBA Hardware Setup TOSHIBA 
HDD/SSD Alert Toshiba Online Backup Toshiba Quality Application TOSHIBA Service Station TOSHIBA Speech System Applications TOSHIBA Speech System SR Engine(U.S.) Version1.0 TOSHIBA Speech System TTS Engine(U.S.) Version1.0 TOSHIBA Supervisor Password TOSHIBA USB Sleep and Charge Utility TOSHIBA Value Added Package TOSHIBA Web Camera Application ToshibaRegistration TRSim TRSim Bonus TRSim Bonus Patch 109 UnloadSupport Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition WebReg WildTangent Games Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Mail Windows Live Messenger Windows Live Photo Gallery Windows Live Sync Windows Live Upload Tool Windows Live Writer Windows Media Player Firefox Plugin Yahoo! BrowserPlus 2.9.8 . ==== Event Viewer Messages From Past Week ======== . 3/27/2012 2:11:51 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Windows Internet Explorer 9 for Windows 7 for x64-based Systems. 3/27/2012 2:09:40 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service. 3/26/2012 7:24:32 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 
3/25/2012 9:54:15 PM, Error: Microsoft-Windows-DistributedCOM [10000] - Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}. The error: "5" Happened while starting this command: C:\windows\system32\wbem\wmiprvse.exe -secured -Embedding 3/25/2012 9:53:06 PM, Error: Service Control Manager [7023] - The Security Center service terminated with the following error: Access is denied. 3/25/2012 9:53:01 PM, Error: Service Control Manager [7000] - The Windows Media Player Network Sharing Service service failed to start due to the following error: Access is denied. 3/25/2012 9:52:31 PM, Error: Service Control Manager [7000] - The Software Protection service failed to start due to the following error: Access is denied. 3/25/2012 9:52:16 PM, Error: Service Control Manager [7023] - The Function Discovery Provider Host service terminated with the following error: Access is denied. 3/25/2012 9:52:16 PM, Error: Service Control Manager [7001] - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: Access is denied. 3/25/2012 9:49:46 PM, Error: Service Control Manager [7023] - The SSDP Discovery service terminated with the following error: Access is denied. 3/25/2012 9:49:46 PM, Error: Service Control Manager [7000] - The IPsec Policy Agent service failed to start due to the following error: Access is denied. 3/25/2012 9:49:44 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the IPsec Policy Agent service to connect. 3/25/2012 9:49:44 PM, Error: Service Control Manager [7000] - The IPsec Policy Agent service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 3/25/2012 9:38:30 PM, Error: Service Control Manager [7022] - The HP Network Devices Support service hung on starting. 
3/25/2012 9:03:35 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Media Player Network Sharing Service service to connect. 3/25/2012 9:03:35 PM, Error: Service Control Manager [7000] - The Windows Media Player Network Sharing Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 3/25/2012 3:28:44 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service. 3/23/2012 9:18:32 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AVP service. 3/23/2012 10:27:57 PM, Error: Service Control Manager [7022] - The Kaspersky Anti-Virus Service service hung on starting. . ==== End Of File ===========================
  6. I just purchased a subscription to Malwarebytes Anti-Malware, and I think my computer might have malware that is keeping me from downloading it.
{9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll BHO-X64: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll BHO-X64: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll BHO-X64: link filter bho - No File TB-X64: @C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File mRun-x64: [TUSBSleepChargeSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA USB Sleep and Charge Utility\TUSBSleepChargeSrv.exe mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe" UNATTENDED mRun-x64: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe" mRun-x64: [Auto Run Software for Photo Frame] mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe mRun-x64: [(Default)] mRun-x64: [bing Bar] "C:\Program Files (x86)\MSN 
Toolbar\Platform\5.0.1449.0\mswinext.exe" mRun-x64: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime AppInit_DLLs-X64: C:\PROGRA~2\KASPER~1\KASPER~2\MZVKBD3.DLL, C:\PROGRA~2\KASPER~1\KASPER~2\SBHOOK.DLL C:\PROGRA~2\GOOGLE\GOOGLE~3\GO36F4~1.DLL . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\danger\AppData\Roaming\Mozilla\Firefox\Profiles\a4n5j32w.default\ FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IP2TDF&PC=IP2TDF&q= FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=IP2TDF&PC=IP2TDF&q= FF - prefs.js: network.proxy.type - 4 FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru\components\abhelperxpcom.dll FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru\components\kavlinkfilter.dll FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.23\npGoogleOneClick8.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.29\npGoogleOneClick8.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.53\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll FF - plugin: C:\Program Files 
(x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\danger\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll FF - plugin: C:\Users\danger\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Kaspersky URL Advisor: linkfilter@kaspersky.ru - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru FF - Ext: Skype extension for Firefox: {AB2CE124-6272-4b12-94A9-7303C7397BD1} - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} FF - Ext: Anti-Banner: KavAntiBanner@Kaspersky.ru - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@Kaspersky.ru . ============= SERVICES / DRIVERS =============== . R0 PxHlpa64;PxHlpa64;C:\windows\system32\Drivers\PxHlpa64.sys --> C:\windows\system32\Drivers\PxHlpa64.sys [?] R1 kl2;kl2;C:\windows\system32\DRIVERS\kl2.sys --> C:\windows\system32\DRIVERS\kl2.sys [?] R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\windows\system32\DRIVERS\klim6.sys --> C:\windows\system32\DRIVERS\klim6.sys [?] R2 rimspci;rimspci;C:\windows\system32\DRIVERS\rimspe64.sys --> C:\windows\system32\DRIVERS\rimspe64.sys [?] R2 risdpcie;risdpcie;C:\windows\system32\DRIVERS\risdpe64.sys --> C:\windows\system32\DRIVERS\risdpe64.sys [?] R2 rixdpcie;rixdpcie;C:\windows\system32\DRIVERS\rixdpe64.sys --> C:\windows\system32\DRIVERS\rixdpe64.sys [?] R3 FwLnk;FwLnk Driver;C:\windows\system32\DRIVERS\FwLnk.sys --> C:\windows\system32\DRIVERS\FwLnk.sys [?] 
R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;C:\windows\system32\drivers\IntcHdmi.sys --> C:\windows\system32\drivers\IntcHdmi.sys [?] R3 PGEffect;Pangu effect driver;C:\windows\system32\DRIVERS\pgeffect.sys --> C:\windows\system32\DRIVERS\pgeffect.sys [?] R3 RTL8167;Realtek 8167 NT Driver;C:\windows\system32\DRIVERS\Rt64win7.sys --> C:\windows\system32\DRIVERS\Rt64win7.sys [?] R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\windows\system32\DRIVERS\rtl8192se.sys --> C:\windows\system32\DRIVERS\rtl8192se.sys [?] S3 klmouflt;Kaspersky Lab KLMOUFLT;C:\windows\system32\DRIVERS\klmouflt.sys --> C:\windows\system32\DRIVERS\klmouflt.sys [?] . =============== Created Last 30 ================ . 2012-03-27 21:13:51 8669240 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5D7ADE78-F0B6-4D2D-8F54-88D56E0763AC}\mpengine.dll 2012-03-14 17:16:30 3143168 ----a-w- C:\windows\System32\win32k.sys 2012-03-14 17:16:21 902656 ----a-w- C:\windows\System32\d2d1.dll 2012-03-14 17:16:21 1837568 ----a-w- C:\windows\System32\d3d10warp.dll 2012-03-14 17:16:21 1170944 ----a-w- C:\windows\SysWow64\d3d10warp.dll 2012-03-14 17:16:20 739840 ----a-w- C:\windows\SysWow64\d2d1.dll 2012-03-14 17:16:19 320512 ----a-w- C:\windows\System32\d3d10_1core.dll 2012-03-14 17:16:19 1541120 ----a-w- C:\windows\System32\DWrite.dll 2012-03-14 17:16:19 1074176 ----a-w- C:\windows\SysWow64\DWrite.dll 2012-03-14 17:16:18 218624 ----a-w- C:\windows\SysWow64\d3d10_1core.dll 2012-03-14 17:16:18 197120 ----a-w- C:\windows\System32\d3d10_1.dll 2012-03-14 17:16:18 161792 ----a-w- C:\windows\SysWow64\d3d10_1.dll 2012-03-14 17:12:56 826368 ----a-w- C:\windows\SysWow64\rdpcore.dll 2012-03-14 17:12:56 23552 ----a-w- C:\windows\System32\drivers\tdtcp.sys 2012-03-14 17:12:56 204800 ----a-w- C:\windows\System32\drivers\rdpwd.sys 2012-03-14 17:12:56 1031680 ----a-w- C:\windows\System32\rdpcore.dll 2012-03-14 17:12:45 9216 ----a-w- C:\windows\System32\rdrmemptylst.exe 2012-03-14 
17:12:45 76288 ----a-w- C:\windows\System32\rdpwsx.dll 2012-03-14 17:12:45 149504 ----a-w- C:\windows\System32\rdpcorekmts.dll . ==================== Find3M ==================== . 2012-02-23 16:18:36 279656 ------w- C:\windows\System32\MpSigStub.exe . ============= FINISH: 15:07:26.65 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 12/28/2009 5:06:55 PM System Uptime: 3/27/2012 1:58:55 PM (2 hours ago) . Motherboard: TOSHIBA | | Portable PC Processor: Intel® Core2 Duo CPU T6600 @ 2.20GHz | CPU | 2200/800mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 454 GiB total, 337.525 GiB free. D: is CDROM (CDFS) E: is CDROM () . ==== Disabled Device Manager Items ============= . Class GUID: Description: Officejet Pro 8500 A910 Device ID: ROOT\MULTIFUNCTION\0000 Manufacturer: Name: Officejet Pro 8500 A910 PNP Device ID: ROOT\MULTIFUNCTION\0000 Service: . Class GUID: Description: Officejet Pro 8500 A910 Device ID: ROOT\MULTIFUNCTION\0001 Manufacturer: Name: Officejet Pro 8500 A910 PNP Device ID: ROOT\MULTIFUNCTION\0001 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Officejet Pro 8500 A910 Device ID: ROOT\MULTIFUNCTION\0002 Manufacturer: HP Name: Officejet Pro 8500 A910 PNP Device ID: ROOT\MULTIFUNCTION\0002 Service: . Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318} Description: Deskjet 6940 series Device ID: ROOT\MULTIFUNCTION\0003 Manufacturer: HP Name: Deskjet 6940 series PNP Device ID: ROOT\MULTIFUNCTION\0003 Service: . ==== System Restore Points =================== . 
RP320: 3/3/2012 12:39:23 PM - Windows Update RP321: 3/8/2012 7:03:44 AM - Windows Update RP322: 3/9/2012 4:35:42 PM - Windows Update RP323: 3/11/2012 5:05:51 PM - Windows Update RP324: 3/14/2012 10:14:17 AM - Windows Update RP325: 3/15/2012 9:21:04 AM - Windows Update RP326: 3/15/2012 10:37:31 PM - Windows Update RP327: 3/17/2012 10:49:18 AM - Windows Update RP328: 3/17/2012 10:53:36 AM - Windows Update RP329: 3/17/2012 11:16:08 PM - Windows Update RP330: 3/20/2012 8:48:25 AM - Windows Update RP331: 3/20/2012 5:34:29 PM - Windows Update RP332: 3/21/2012 2:02:13 PM - Windows Update RP333: 3/22/2012 8:38:37 PM - Windows Update RP334: 3/22/2012 11:31:38 PM - Windows Update RP335: 3/23/2012 10:22:32 PM - Windows Update RP336: 3/23/2012 10:33:41 PM - Windows Update RP337: 3/24/2012 10:10:55 PM - Windows Update RP338: 3/25/2012 1:44:48 PM - Windows Update RP339: 3/25/2012 10:16:04 PM - Windows Update RP340: 3/27/2012 2:10:08 PM - Windows Update RP341: 3/27/2012 2:12:43 PM - Windows Update . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) 1600 1600_Help 1600Trb Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Reader 9.2 AIO_CDB_ProductContext AIO_CDB_Software AIO_Scan Apple Application Support Apple Software Update Bing Bar Bing Bar Platform BufferChm Cactus Ropes Championship ArenaPack Classic Championships ArenaPack Compatibility Pack for the 2007 Office system Direct DiscRecorder DocProc DVD MovieFactory for TOSHIBA Google Chrome Google Desktop Google Earth Plug-in Google Toolbar for Internet Explorer Google Update Helper HP Officejet Pro 8500 A910 Help HP Update HPPhotoGadget HPSSupply I.R.I.S. 
OCR Java 6 Update 14 Junk Mail filter update Kaspersky Internet Security 2011 Marketsplash Shortcuts Microsoft Choice Guard Microsoft Default Manager Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Excel MUI (English) 2007 Microsoft Office Home and Student 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Suite Activation Assistant Microsoft Office Word MUI (English) 2007 Microsoft Search Enhancement Pack Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Works Mozilla Firefox (3.6.28) MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 4.0 SP2 Parser and SDK MyToshiba PC Ropes ArenaPack Philips Photo Manager 1.1 Primo QuickBooks Pro 2008 QuickTime Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Realtek WLAN Driver RICOH R5U230 Media Driver ver.2.06.03.02 Runtime Scan Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Skype Launcher Skype Toolbars Sony Picture Utility Spelling Dictionaries Support For Adobe Reader 9 Spin To Win ArenaPack SupportSoft Assisted Service Toolbox Toshiba Application Installer TOSHIBA Assist TOSHIBA ConfigFree TOSHIBA DVD PLAYER TOSHIBA eco Utility TOSHIBA Extended Tiles for Windows Mobility Center TOSHIBA Face Recognition TOSHIBA Hardware Setup TOSHIBA 
HDD/SSD Alert Toshiba Online Backup Toshiba Quality Application TOSHIBA Service Station TOSHIBA Speech System Applications TOSHIBA Speech System SR Engine(U.S.) Version1.0 TOSHIBA Speech System TTS Engine(U.S.) Version1.0 TOSHIBA Supervisor Password TOSHIBA USB Sleep and Charge Utility TOSHIBA Value Added Package TOSHIBA Web Camera Application ToshibaRegistration TRSim TRSim Bonus TRSim Bonus Patch 109 UnloadSupport Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition WebReg WildTangent Games Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Mail Windows Live Messenger Windows Live Photo Gallery Windows Live Sync Windows Live Upload Tool Windows Live Writer Windows Media Player Firefox Plugin Yahoo! BrowserPlus 2.9.8 . ==== Event Viewer Messages From Past Week ======== . 3/27/2012 2:11:51 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Windows Internet Explorer 9 for Windows 7 for x64-based Systems. 3/27/2012 2:09:40 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the IPBusEnum service. 3/26/2012 7:24:32 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} and APPID {344ED43D-D086-4961-86A6-1106F4ACAD9B} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool. 
3/25/2012 9:54:15 PM, Error: Microsoft-Windows-DistributedCOM [10000] - Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}. The error: "5" Happened while starting this command: C:\windows\system32\wbem\wmiprvse.exe -secured -Embedding 3/25/2012 9:53:06 PM, Error: Service Control Manager [7023] - The Security Center service terminated with the following error: Access is denied. 3/25/2012 9:53:01 PM, Error: Service Control Manager [7000] - The Windows Media Player Network Sharing Service service failed to start due to the following error: Access is denied. 3/25/2012 9:52:31 PM, Error: Service Control Manager [7000] - The Software Protection service failed to start due to the following error: Access is denied. 3/25/2012 9:52:16 PM, Error: Service Control Manager [7023] - The Function Discovery Provider Host service terminated with the following error: Access is denied. 3/25/2012 9:52:16 PM, Error: Service Control Manager [7001] - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: Access is denied. 3/25/2012 9:49:46 PM, Error: Service Control Manager [7023] - The SSDP Discovery service terminated with the following error: Access is denied. 3/25/2012 9:49:46 PM, Error: Service Control Manager [7000] - The IPsec Policy Agent service failed to start due to the following error: Access is denied. 3/25/2012 9:49:44 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the IPsec Policy Agent service to connect. 3/25/2012 9:49:44 PM, Error: Service Control Manager [7000] - The IPsec Policy Agent service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 3/25/2012 9:38:30 PM, Error: Service Control Manager [7022] - The HP Network Devices Support service hung on starting. 
3/25/2012 9:03:35 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Media Player Network Sharing Service service to connect. 3/25/2012 9:03:35 PM, Error: Service Control Manager [7000] - The Windows Media Player Network Sharing Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 3/25/2012 3:28:44 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service. 3/23/2012 9:18:32 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AVP service. 3/23/2012 10:27:57 PM, Error: Service Control Manager [7022] - The Kaspersky Anti-Virus Service service hung on starting. . ==== End Of File ===========================
  7. I'm infected, and can't install Malwarebytes protection, please help!